https://vulnerability.circl.lu/sightings/feed 2026-05-09T15:42:23.638472+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/b5c2b27e-d96b-4857-a709-9c042d9e0360/export 2026-05-09T15:42:23.652185+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "b5c2b27e-d96b-4857-a709-9c042d9e0360", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-22679", "type": "seen", "source": "https://t.me/thehackernews/8932", "content": "\ud83d\udea8 Critical RCE flaw (CVE-2026-22679, CVSS 9.8) in Weaver E-cology 10.0 is under active exploitation.\n\nAttackers use unauthenticated requests to execute commands; activity observed since March 17\u201331, 2026, with failed payload drops & MSI attempts.\n\nDetails \ud83d\udc49 https://thehackernews.com/2026/05/weaver-e-cology-rce-flaw-cve-2026-22679.html", "creation_timestamp": "2026-05-05T10:55:43.000000Z"} 2026-05-05T10:55:43+00:00 https://vulnerability.circl.lu/sighting/7beb74a5-fd97-4591-90ef-782a9d4f6393/export 2026-05-09T15:42:23.652078+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "7beb74a5-fd97-4591-90ef-782a9d4f6393", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-22679", "type": "seen", "source": "https://bsky.app/profile/cerberusit.bsky.social/post/3ml44ay7fhq2h", "content": "Weaver E-cology users are discovering the hard way that their office automation platform\u2019s debug API is basically an invitation for active exploitation. This critical CVE-2026-22679 flaw allows attackers to bypass whatever meager defenses were in place to achieve remote code ex...\n\nRead full story", "creation_timestamp": "2026-05-05T11:43:23.727537Z"} 2026-05-05T11:43:23.727537+00:00 https://vulnerability.circl.lu/sighting/08291fab-b380-4244-9d32-ca2d4a7635d0/export 2026-05-09T15:42:23.651977+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "08291fab-b380-4244-9d32-ca2d4a7635d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-22679", "type": "seen", "source": "https://bsky.app/profile/cybersecurity0001.bsky.social/post/3ml46tcv6bb2k", "content": "Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API", "creation_timestamp": "2026-05-05T12:29:26.360594Z"} 2026-05-05T12:29:26.360594+00:00 https://vulnerability.circl.lu/sighting/232e93da-2ca2-42b4-94a1-1d8755484c2f/export 2026-05-09T15:42:23.651891+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "232e93da-2ca2-42b4-94a1-1d8755484c2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-22679", "type": "seen", "source": "https://bsky.app/profile/calimegai.bsky.social/post/3ml4knj4cph2o", "content": "Une faille critique RCE dans #Weaver E-cology (<20260312) est activement exploit\u00e9e via l\u2019API Debug (CVE-2026-22679, CVSS 9.8). Risque majeur d\u2019ex\u00e9cution de code \u00e0 distance non authentifi\u00e9e \u26a0\ufe0f #CyberSecurity #Automatisation ", "creation_timestamp": "2026-05-05T16:00:56.293630Z"} 2026-05-05T16:00:56.293630+00:00 https://vulnerability.circl.lu/sighting/21338861-0c34-4acf-b4a8-3d9c6eb74fff/export 2026-05-09T15:42:23.651789+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "21338861-0c34-4acf-b4a8-3d9c6eb74fff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-22679", "type": "seen", "source": "https://bsky.app/profile/intel.overresearched.net/post/3ml52wy6bjc2j", "content": "CTI Daily 2026-05-04: Weaver E-cology CVE-2026-22679 exploited ITW since March. MS criticals in GNU Binutils & libssh2. Safepay hits 5 victims, 6 countries. ShinyHunters leaks 119k Vimeo emails via Anodot.\n\nFull brief: intel.overresearched.net/2026/05/05/c...\n\n#Daily #ThreatIntel #InfoSec", "creation_timestamp": "2026-05-05T20:52:35.358590Z"} 2026-05-05T20:52:35.358590+00:00 https://vulnerability.circl.lu/sighting/6547c617-6e1f-46c5-a257-072dba3f1174/export 2026-05-09T15:42:23.651672+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "6547c617-6e1f-46c5-a257-072dba3f1174", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-22679", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3ml56rnjacc2g", "content": "Weaver E-cology critical bug exploited in attacks since March\n\nHackers have been exploiting a critical vulnerability (CVE-2026-22679) in the Weaver E-cology office automation since mid-March to run discovery commands. [...]\n#hackernews #news", "creation_timestamp": "2026-05-05T22:01:10.257008Z"} 2026-05-05T22:01:10.257008+00:00 https://vulnerability.circl.lu/sighting/fb83ccc5-ad1f-408b-9e4c-da3bbe693dcb/export 2026-05-09T15:42:23.651575+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "fb83ccc5-ad1f-408b-9e4c-da3bbe693dcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-22679", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3ml5jxms6e22g", "content": "Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API\n\nA critical security vulnerability in Weaver (Fanwei) E-cology, an enterprise office automation (OA) and collaboration platform, has come under active exploitation in the wild.\nThe vulnerability (CVE-2026-226\u2026\n#hackernews #news", "creation_timestamp": "2026-05-06T01:21:21.579559Z"} 2026-05-06T01:21:21.579559+00:00 https://vulnerability.circl.lu/sighting/f3320baf-ec23-45ac-8120-4cbd592b70c3/export 2026-05-09T15:42:23.651464+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "f3320baf-ec23-45ac-8120-4cbd592b70c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-22679", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3ml73kh3zle2b", "content": "Critical RCE vulnerability CVE-2026-22679 in Weaver E-cology exploited in the wild. Update to build 20260312 immediately to secure your systems. #CyberSecurity #WeaverEcology #RCE Link: thedailytechfeed.com/critical-rce...", "creation_timestamp": "2026-05-06T16:08:47.927698Z"} 2026-05-06T16:08:47.927698+00:00 https://vulnerability.circl.lu/sighting/b9094da9-4cc2-417f-8566-fb2eed078ce8/export 2026-05-09T15:42:23.651303+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "b9094da9-4cc2-417f-8566-fb2eed078ce8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-22679", "type": "seen", "source": "https://bsky.app/profile/patrickcmiller.bsky.social/post/3mlaiyosjyj2h", "content": "Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API thehackernews.com/2026/05/weav...", "creation_timestamp": "2026-05-07T05:42:06.031497Z"} 2026-05-07T05:42:06.031497+00:00 https://vulnerability.circl.lu/sighting/31f21ad0-e938-4a58-9ad6-6719b7da1e6e/export 2026-05-09T15:42:23.648262+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "31f21ad0-e938-4a58-9ad6-6719b7da1e6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-22679", "type": "seen", "source": "https://infosec.exchange/users/patrickcmiller/statuses/116536883309183392", "content": "Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API https://thehackernews.com/2026/05/weaver-e-cology-rce-flaw-cve-2026-22679.html", "creation_timestamp": "2026-05-08T03:42:02.545989Z"} 2026-05-08T03:42:02.545989+00:00