<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-15T16:00:29.807078+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e36e6200-0631-4d86-8180-981c9b6ddb74/export</id>
    <title>e36e6200-0631-4d86-8180-981c9b6ddb74</title>
    <updated>2026-07-15T16:00:29.830825+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e36e6200-0631-4d86-8180-981c9b6ddb74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://bsky.app/profile/cert-fr.bsky.social/post/3mqoykcbovc2w", "content": "\u26a0\ufe0fAlerte CERT-FR\u26a0\ufe0f\n\nLes vuln\u00e9rabilit\u00e9s CVE-2026-15409 et CVE-2026-15410 affectent les SMA 1000 et permettent une SSRF ainsi que d'ex\u00e9cuter du code arbitraire \u00e0 distance.\nElles sont activement exploit\u00e9es.", "creation_timestamp": "2026-07-15T15:03:33.582147Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e36e6200-0631-4d86-8180-981c9b6ddb74/export"/>
    <published>2026-07-15T15:03:33.582147+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/8ab3e000-6f50-4b55-8f29-6ddedb616a27/export</id>
    <title>8ab3e000-6f50-4b55-8f29-6ddedb616a27</title>
    <updated>2026-07-15T16:00:29.834079+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "8ab3e000-6f50-4b55-8f29-6ddedb616a27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://social.numerique.gouv.fr/users/cert_fr/statuses/116924433303774121", "content": "\u26a0\ufe0fAlerte CERT-FR\u26a0\ufe0f\nLes vuln\u00e9rabilit\u00e9s CVE-2026-15409 et CVE-2026-15410 affectent les SMA 1000 et permettent une SSRF ainsi que d'ex\u00e9cuter du code arbitraire \u00e0 distance.Elle sont activement exploit\u00e9es.\nhttps://www.cert.ssi.gouv.fr/alerte/CERTFR-2026-ALE-006/", "creation_timestamp": "2026-07-15T14:21:07.087425Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/8ab3e000-6f50-4b55-8f29-6ddedb616a27/export"/>
    <published>2026-07-15T14:21:07.087425+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/70e31a1e-201d-49bc-85e9-9b295907dfb2/export</id>
    <title>70e31a1e-201d-49bc-85e9-9b295907dfb2</title>
    <updated>2026-07-15T16:00:29.834213+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "70e31a1e-201d-49bc-85e9-9b295907dfb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://bsky.app/profile/cert-fr.bsky.social/post/3mqow6efupj2c", "content": "\u26a0\ufe0fAlerte CERT-FR\u26a0\ufe0f\n\nLes vuln\u00e9rabilit\u00e9s CVE-2026-15409 et CVE-2026-15410 affectent les SMA 1000 et permettent une SSRF ainsi que d'ex\u00e9cuter du code arbitraire \u00e0 distance.\nElle sont activement exploit\u00e9es.\n\nwww.cert.ssi.gouv.fr/alerte/CERTF...", "creation_timestamp": "2026-07-15T14:21:06.117805Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/70e31a1e-201d-49bc-85e9-9b295907dfb2/export"/>
    <published>2026-07-15T14:21:06.117805+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7399371d-1dc3-429f-a0a2-892c81cba173/export</id>
    <title>7399371d-1dc3-429f-a0a2-892c81cba173</title>
    <updated>2026-07-15T16:00:29.834282+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "7399371d-1dc3-429f-a0a2-892c81cba173", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://bsky.app/profile/kotosecurity.bsky.social/post/3mqov7hex2n2w", "content": "\ud83d\udea8 VULN: SonicWall SMA 1000 \u2014 2 zero-days actively exploited: CVE-2026-15409 (CVSS 10.0, SSRF) &amp;amp; CVE-2026-15410 (CVSS 7.2, post-auth code injection \u2192 admin cmd exec). Patch to 12.4.3-03453+/12.5.0-02835+. Src: The Hacker News", "creation_timestamp": "2026-07-15T14:03:49.483578Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7399371d-1dc3-429f-a0a2-892c81cba173/export"/>
    <published>2026-07-15T14:03:49.483578+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c6f4e235-a014-4c2c-9745-a484279fb175/export</id>
    <title>c6f4e235-a014-4c2c-9745-a484279fb175</title>
    <updated>2026-07-15T16:00:29.834348+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c6f4e235-a014-4c2c-9745-a484279fb175", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3mqouougr732c", "content": "SonicWall confirms active exploitation of CVE-2026-15409 (CVSS 10 SSRF) and CVE-2026-15410 (code injection) in SMA 1000. Identify every exposed appliance, hotfix it, preserve logs, and investigate unexpected appliance-to-internal traffic.", "creation_timestamp": "2026-07-15T13:54:33.824109Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c6f4e235-a014-4c2c-9745-a484279fb175/export"/>
    <published>2026-07-15T13:54:33.824109+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/4c042ff5-b5a4-4be0-a56b-b85c8c93fec4/export</id>
    <title>4c042ff5-b5a4-4be0-a56b-b85c8c93fec4</title>
    <updated>2026-07-15T16:00:29.834414+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "4c042ff5-b5a4-4be0-a56b-b85c8c93fec4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3mqouougpal2c", "content": "SonicWall confirms active exploitation of CVE-2026-15409 (CVSS 10 SSRF) and CVE-2026-15410 (code injection) in SMA 1000. Identify every exposed appliance, hotfix it, preserve logs, and investigate unexpected appliance-to-internal traffic.", "creation_timestamp": "2026-07-15T13:54:33.371305Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/4c042ff5-b5a4-4be0-a56b-b85c8c93fec4/export"/>
    <published>2026-07-15T13:54:33.371305+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/404dbda5-32ca-4d64-8db5-00035ec04c54/export</id>
    <title>404dbda5-32ca-4d64-8db5-00035ec04c54</title>
    <updated>2026-07-15T16:00:29.834478+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "404dbda5-32ca-4d64-8db5-00035ec04c54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3mqouougpak2c", "content": "SonicWall confirms active exploitation of CVE-2026-15409 (CVSS 10 SSRF) and CVE-2026-15410 (code injection) in SMA 1000. Identify every exposed appliance, hotfix it, preserve logs, and investigate unexpected appliance-to-internal traffic.", "creation_timestamp": "2026-07-15T13:54:32.886063Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/404dbda5-32ca-4d64-8db5-00035ec04c54/export"/>
    <published>2026-07-15T13:54:32.886063+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d0d0375f-1a7b-4859-93cf-abeba34a9ce4/export</id>
    <title>d0d0375f-1a7b-4859-93cf-abeba34a9ce4</title>
    <updated>2026-07-15T16:00:29.834540+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d0d0375f-1a7b-4859-93cf-abeba34a9ce4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3mqouougobc2c", "content": "SonicWall confirms active exploitation of CVE-2026-15409 (CVSS 10 SSRF) and CVE-2026-15410 (code injection) in SMA 1000. Identify every exposed appliance, hotfix it, preserve logs, and investigate unexpected appliance-to-internal traffic.", "creation_timestamp": "2026-07-15T13:54:32.403293Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d0d0375f-1a7b-4859-93cf-abeba34a9ce4/export"/>
    <published>2026-07-15T13:54:32.403293+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/80420601-f6b2-425b-8ff8-69222c8bbe9b/export</id>
    <title>80420601-f6b2-425b-8ff8-69222c8bbe9b</title>
    <updated>2026-07-15T16:00:29.834607+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "80420601-f6b2-425b-8ff8-69222c8bbe9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3mqouougghc2c", "content": "SonicWall confirms active exploitation of CVE-2026-15409 (CVSS 10 SSRF) and CVE-2026-15410 (code injection) in SMA 1000. Identify every exposed appliance, hotfix it, preserve logs, and investigate unexpected appliance-to-internal traffic.", "creation_timestamp": "2026-07-15T13:54:31.924987Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/80420601-f6b2-425b-8ff8-69222c8bbe9b/export"/>
    <published>2026-07-15T13:54:31.924987+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a90953ff-ca0b-4a23-a567-d905bc64138d/export</id>
    <title>a90953ff-ca0b-4a23-a567-d905bc64138d</title>
    <updated>2026-07-15T16:00:29.834669+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a90953ff-ca0b-4a23-a567-d905bc64138d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3mqotjan64524", "content": "CISA Adds Four Known Exploited Vulnerabilities to Catalog\nCISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-15409 SonicWall SMA1000\u2026\n\n\ud83d\udd17 https://hnow.live/a/166a55c5", "creation_timestamp": "2026-07-15T13:33:29.667307Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a90953ff-ca0b-4a23-a567-d905bc64138d/export"/>
    <published>2026-07-15T13:33:29.667307+00:00</published>
  </entry>
</feed>
