<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-03T02:14:08.206085+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b4dad5f6-9f02-4780-aa5a-0829ef54539c/export</id>
    <title>b4dad5f6-9f02-4780-aa5a-0829ef54539c</title>
    <updated>2026-07-03T02:14:08.227798+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b4dad5f6-9f02-4780-aa5a-0829ef54539c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11420", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motx5v4qxl2b", "content": "\ud83d\udea8  ALERT: CVE-2026-11420\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nTwo path traversal vulnerabilities in the Network Installation Service (NIS) of Altium Enterprise Server allow an unauthenticated network attacker to write arbitrary files to any writable location on the server filesystem and to read package archi", "creation_timestamp": "2026-06-22T03:31:38.599603Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b4dad5f6-9f02-4780-aa5a-0829ef54539c/export"/>
    <published>2026-06-22T03:31:38.599603+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7a1c2de3-265d-4a8c-9f88-c96bfc91f033/export</id>
    <title>7a1c2de3-265d-4a8c-9f88-c96bfc91f033</title>
    <updated>2026-07-03T02:14:08.230129+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "7a1c2de3-265d-4a8c-9f88-c96bfc91f033", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11420", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnlnxeyhpo2f", "content": "Altium Enterprise Server faces CRITICAL path traversal (CVSS 10). Unauth'd attackers can write/read files, risking RCE. Restrict NIS access &amp;amp; watch for patches. Cloud not affected. https://radar.offseq.com/threat/cve-2026-11420-cwe-22-improper-limitation-of-a-pat-24b2eaa0 #OffSeq #security #CVE20...", "creation_timestamp": "2026-06-06T03:00:44.507401Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7a1c2de3-265d-4a8c-9f88-c96bfc91f033/export"/>
    <published>2026-06-06T03:00:44.507401+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f400ad6e-bed9-4fe1-96cf-cfef7d993988/export</id>
    <title>f400ad6e-bed9-4fe1-96cf-cfef7d993988</title>
    <updated>2026-07-03T02:14:08.230266+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f400ad6e-bed9-4fe1-96cf-cfef7d993988", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11420", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116700926764613870", "content": "\ud83d\udd34 CRITICAL: Altium Enterprise Server (NIS) path traversal (CVE-2026-11420, CVSS 10) lets unauth'd attackers write/read files, leading to RCE risk. Restrict access; monitor for vendor patches. Altium 365 not affected. https://radar.offseq.com/threat/cve-2026-11420-cwe-22-improper-limitation-of-a-pat-24b2eaa0 #OffSeq #vuln #infosec #CVE202611420", "creation_timestamp": "2026-06-06T03:00:41.020544Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f400ad6e-bed9-4fe1-96cf-cfef7d993988/export"/>
    <published>2026-06-06T03:00:41.020544+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/22d8c111-cd66-45b7-b5e1-5d9805113269/export</id>
    <title>22d8c111-cd66-45b7-b5e1-5d9805113269</title>
    <updated>2026-07-03T02:14:08.230377+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "22d8c111-cd66-45b7-b5e1-5d9805113269", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11420", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnkzghaetw27", "content": "CVE-2026-11420 - Path Traversal in Altium Enterprise Server NIS Allows Unauthenticated Arbitrary File Write and File Read\nCVE ID : CVE-2026-11420\n \n Published : June 5, 2026, 8:17 p.m. | 15\u00a0minutes ago\n \n Description : Two path traversal vulnerabilities in the Network Installa...", "creation_timestamp": "2026-06-05T20:53:04.530882Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/22d8c111-cd66-45b7-b5e1-5d9805113269/export"/>
    <published>2026-06-05T20:53:04.530882+00:00</published>
  </entry>
</feed>
