https://vulnerability.circl.lu/sightings/feed 2026-06-23T14:47:39.840799+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/22abd264-ceda-4ace-87b4-e15b4156d728/export 2026-06-23T14:47:39.872422+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "22abd264-ceda-4ace-87b4-e15b4156d728", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27421", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlbdrwbppn2i", "content": "CVE-2026-27421 - WordPress Royal Elementor Addons plugin\nCVE ID : CVE-2026-27421\n \n Published : May 7, 2026, 9:16 a.m. | 3\u00a0hours, 8\u00a0minutes ago\n \n Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WProyal Royal ...", "creation_timestamp": "2026-05-07T13:41:25.996961Z"} 2026-05-07T13:41:25.996961+00:00 https://vulnerability.circl.lu/sighting/ab7412d1-8f7f-4742-9b2c-ecee34ac53a2/export 2026-06-23T14:47:39.872124+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "ab7412d1-8f7f-4742-9b2c-ecee34ac53a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27427", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmquylwq7m2n", "content": "CVE-2026-27427 - WordPress Geo Mashup plugin\nCVE ID : CVE-2026-27427\n \n Published : May 26, 2026, 8:19 a.m. | 2\u00a0hours, 12\u00a0minutes ago\n \n Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dylan Kuhn Geo Mashup al...", "creation_timestamp": "2026-05-26T11:24:31.627294Z"} 2026-05-26T11:24:31.627294+00:00 https://vulnerability.circl.lu/sighting/fccaa39a-cc92-4edd-8b7c-b4765a81361e/export 2026-06-23T14:47:39.871773+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "fccaa39a-cc92-4edd-8b7c-b4765a81361e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2742", "type": "seen", "source": "https://bsky.app/profile/hackinghub.bsky.social/post/3mmu3o5rvev2e", "content": "Vaadin treats the request as a framework request, triggers initialization, and creates a session without proper authorization.\n\nThis is CVE-2026-2742: unauthorized session creation via reserved framework path access.", "creation_timestamp": "2026-05-27T18:01:56.285277Z"} 2026-05-27T18:01:56.285277+00:00 https://vulnerability.circl.lu/sighting/6b8545fa-fc55-4fbf-8875-a1b0bc5ffcd9/export 2026-06-23T14:47:39.868930+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "6b8545fa-fc55-4fbf-8875-a1b0bc5ffcd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27429", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3moiij5wfno2b", "content": "CVE-2026-27429 - Unauthenticated PHP Object Injection in Nifty <= 1.4.1. CVSS 9.8. No patch available. Update immediately or disable. #CVE #infosec #PHP\n\nhttps://www.valtersit.com/cve/CVE-2026-27429/", "creation_timestamp": "2026-06-17T14:10:14.044362Z"} 2026-06-17T14:10:14.044362+00:00