Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-20T11:53:51.290228+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/27ced20f-9eec-4625-8044-3b65f6e44c76/export 27ced20f-9eec-4625-8044-3b65f6e44c76 2026-06-20T11:53:51.645374+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "27ced20f-9eec-4625-8044-3b65f6e44c76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11717", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mokw33ts7e2e", "content": "CVE-2026-11717 - Google Cloud Platform OAuth Authentication Bypass\nCVE ID : CVE-2026-11717\n \n Published : June 18, 2026, 11:50 a.m. | 1\u00a0hour, 18\u00a0minutes ago\n \n Description : An authentication bypass vulnerability exists in the generic opaque token validation path (validateOpaq...", "creation_timestamp": "2026-06-18T13:18:13.684820Z"} 2026-06-18T13:18:13.684820+00:00 https://vulnerability.circl.lu/sighting/94adfdb2-4873-47e6-b1f4-29b966975af0/export 94adfdb2-4873-47e6-b1f4-29b966975af0 2026-06-20T11:53:51.645270+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "94adfdb2-4873-47e6-b1f4-29b966975af0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11717", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mol5hf2ood27", "content": "CRITICAL severity: googleapis/mcp-toolbox v1.0.0 lets tokens missing 'active' bypass auth checks \u2014 risking unauthorized access. No fix yet. Monitor vendor updates for remediation. https://radar.offseq.com/threat/cve-2026-11717-cwe-287-improper-authentication-in--13893f570bf80e27 #OffSeq #CloudSec...", "creation_timestamp": "2026-06-18T15:30:22.913987Z"} 2026-06-18T15:30:22.913987+00:00 https://vulnerability.circl.lu/sighting/d38b4e06-5b5a-4fac-8889-74947ea096f7/export d38b4e06-5b5a-4fac-8889-74947ea096f7 2026-06-20T11:53:51.643748+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "d38b4e06-5b5a-4fac-8889-74947ea096f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11717", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116771823299071551", "content": "CVE-2026-11717: CRITICAL vuln in googleapis/mcp-toolbox v1.0.0. Improper auth check lets tokens without 'active' field bypass controls \u2014 unauthorized access risk. Patch unconfirmed, monitor advisories: https://radar.offseq.com/threat/cve-2026-11717-cwe-287-improper-authentication-in--13893f570bf80e27 #OffSeq #CVE202611717 #OAuth2 #CloudSecurity", "creation_timestamp": "2026-06-18T15:30:29.805444Z"} 2026-06-18T15:30:29.805444+00:00