<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-02T04:34:40.881632+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/029057ee-b0af-473d-aec6-ddcc8132b176/export</id>
    <title>029057ee-b0af-473d-aec6-ddcc8132b176</title>
    <updated>2026-07-02T04:34:40.898041+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "029057ee-b0af-473d-aec6-ddcc8132b176", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-1239", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mplig3lr5o27", "content": "CVE-2026-1239 - Missing Authorization in Ninja Forms plugin for WordPress. Unauthenticated access to form submissions, potentially exposing sensitive data. CVSS 7.5. Update immediately. #CVE #WordPress #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-1239/", "creation_timestamp": "2026-07-01T12:11:45.328513Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/029057ee-b0af-473d-aec6-ddcc8132b176/export"/>
    <published>2026-07-01T12:11:45.328513+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bc053091-71d7-44b2-aaf4-9b3e16632696/export</id>
    <title>bc053091-71d7-44b2-aaf4-9b3e16632696</title>
    <updated>2026-07-02T04:34:40.900157+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "bc053091-71d7-44b2-aaf4-9b3e16632696", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12399", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3mpbu7ixrta2m", "content": "CVE-2026-12399 gutenverse (CVSS Score 4.4) \n\n#WordPress plugin #vulnerability #cybersecurity #wordpressfirewall #hacking #wpsecurity #atomicedge #cybersecurity #malware #vulnerabilityresearch #cve #redteam #proofofconcept", "creation_timestamp": "2026-06-27T16:16:08.366941Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bc053091-71d7-44b2-aaf4-9b3e16632696/export"/>
    <published>2026-06-27T16:16:08.366941+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e5cbeef0-c81f-4a9f-8c55-6ef607fb1453/export</id>
    <title>e5cbeef0-c81f-4a9f-8c55-6ef607fb1453</title>
    <updated>2026-07-02T04:34:40.900402+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e5cbeef0-c81f-4a9f-8c55-6ef607fb1453", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12399", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpbaloxhgt2q", "content": "CVE-2026-12399 - Gutenverse\nCVE ID : CVE-2026-12399\n \n Published : June 27, 2026, 6:50 a.m. | 2\u00a0hours, 54\u00a0minutes ago\n \n Description : The Gutenverse \u2013 WordPress Blocks, Page Builder &amp;amp; Site Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin ...", "creation_timestamp": "2026-06-27T10:25:02.284721Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e5cbeef0-c81f-4a9f-8c55-6ef607fb1453/export"/>
    <published>2026-06-27T10:25:02.284721+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c693b380-7b1d-4b2d-be94-a2ca2916478e/export</id>
    <title>c693b380-7b1d-4b2d-be94-a2ca2916478e</title>
    <updated>2026-07-02T04:34:40.900606+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c693b380-7b1d-4b2d-be94-a2ca2916478e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12390", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3molqnbrciv2i", "content": "CVE-2026-12390 - Access of resource using incompatible type ('type confusion') in AzeoTech DAQFactory\nCVE ID : CVE-2026-12390\n \n Published : June 18, 2026, 6:30 p.m. | 2\u00a0hours, 38\u00a0minutes ago\n \n Description : In AzeoTech DAQFactory versions 21.1 and prior, a Type Confusion vul...", "creation_timestamp": "2026-06-18T21:13:41.319029Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c693b380-7b1d-4b2d-be94-a2ca2916478e/export"/>
    <published>2026-06-18T21:13:41.319029+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/238d6c8c-8ebd-42c3-86d4-a7a007faf24a/export</id>
    <title>238d6c8c-8ebd-42c3-86d4-a7a007faf24a</title>
    <updated>2026-07-02T04:34:40.900790+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cve.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "238d6c8c-8ebd-42c3-86d4-a7a007faf24a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-12390", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-169-02", "content": "", "creation_timestamp": "2026-06-18T05:00:00.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/238d6c8c-8ebd-42c3-86d4-a7a007faf24a/export"/>
    <published>2026-06-18T05:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/9f3a4e6e-f61b-40c1-965a-d3019d6bc3a8/export</id>
    <title>9f3a4e6e-f61b-40c1-965a-d3019d6bc3a8</title>
    <updated>2026-07-02T04:34:40.902290+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "9f3a4e6e-f61b-40c1-965a-d3019d6bc3a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12398", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mog67nrzov2c", "content": "\ud83d\udfe0 CVE-2026-12398 - High (7.5)\n\nA command injection vulnerability was found in galaxy_ng. The do_git_checkout() function in the l...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-12398/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-16T16:00:39.154855Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/9f3a4e6e-f61b-40c1-965a-d3019d6bc3a8/export"/>
    <published>2026-06-16T16:00:39.154855+00:00</published>
  </entry>
</feed>
