https://vulnerability.circl.lu/sightings/feed 2026-06-06T02:52:36.331606+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/b9f811f1-8e8a-43d7-ab51-ba90a980079e/export 2026-06-06T02:52:36.339794+00:00 Joseph Lee https://cve.circl.lu/user/syspect {"uuid": "b9f811f1-8e8a-43d7-ab51-ba90a980079e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/solarwinds-security-advisory-av26-549", "content": "", "creation_timestamp": "2026-06-04T11:54:48.000000Z"} 2026-06-04T11:54:48+00:00 https://vulnerability.circl.lu/sighting/06d0a570-3628-48ba-8bc7-094128fcd6be/export 2026-06-06T02:52:36.339719+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "06d0a570-3628-48ba-8bc7-094128fcd6be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6665471", "content": "2026-06-05: [CVE-2026-28318] SolarWinds Serv-U Uncontrolled Resource Consumption VulnerabilitySolarWinds Serv-U contains an uncontrolled resource consumption vulnerability that allows specially crafted POST requests using the Content-Encoding: deflate header to crash the Serv-U service without authentication.\ncisakev", "creation_timestamp": "2026-06-05T17:46:15.513384Z"} 2026-06-05T17:46:15.513384+00:00 https://vulnerability.circl.lu/sighting/db2110d6-530f-4ff7-bdd7-412c3b1c5b2a/export 2026-06-06T02:52:36.339637+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "db2110d6-530f-4ff7-bdd7-412c3b1c5b2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mnkpelghy22d", "content": "\ud83d\uded1 CVE-2026-28318\nSolarWinds Serv-U\nCVSS 7.5 / EPSS 0% / KEV\nTL;DR: SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U ser\u2026\nhttps://cvesentinel.com/report/CVE-2026-28318?utm_source=bluesky&utm_medium=social&utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-06-05T17:53:06.327922Z"} 2026-06-05T17:53:06.327922+00:00 https://vulnerability.circl.lu/sighting/33132aac-a004-44e2-98c5-578eaccb5cb6/export 2026-06-06T02:52:36.339558+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "33132aac-a004-44e2-98c5-578eaccb5cb6", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b00d5422-d924-4e37-a319-af4fa11ed523", "content": "", "creation_timestamp": "2026-06-05T18:00:02.558663Z"} 2026-06-05T18:00:02.558663+00:00 https://vulnerability.circl.lu/sighting/e7f74639-711d-4edd-97b1-bf64df0adc2d/export 2026-06-06T02:52:36.339468+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "e7f74639-711d-4edd-97b1-bf64df0adc2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/todb2.hugesuccess.org/post/3mnks2yssm6q2", "content": "w/r/t CVE-2026-28318 - I kinda like the mitigation guidance of \"well just block HTTP clients from sending `Content-encoding: deflate` on POSTs and you're good. Which sounded crazy to me, but is it?\n\nI know POSTs can be compressed, but I'd expect clients to use `gzip` pretty much exclusively. The [\u2026]", "creation_timestamp": "2026-06-05T18:42:19.552052Z"} 2026-06-05T18:42:19.552052+00:00 https://vulnerability.circl.lu/sighting/3b7f448d-1160-40e1-bb3d-96ea20a93427/export 2026-06-06T02:52:36.339390+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "3b7f448d-1160-40e1-bb3d-96ea20a93427", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/secdb.bsky.social/post/3mnkt4ofewr2o", "content": "\ud83d\udea8 CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0605)\n\n\u26a0\ufe0f CVE-2026-28318 - SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability\n\n\n#ZEN #SecDB #InfoSec #CISA_KEV", "creation_timestamp": "2026-06-05T19:00:14.048604Z"} 2026-06-05T19:00:14.048604+00:00 https://vulnerability.circl.lu/sighting/3c480856-7e03-4888-a18c-cf7d2d1184c9/export 2026-06-06T02:52:36.339311+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "3c480856-7e03-4888-a18c-cf7d2d1184c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mnkwmrimu72n", "content": "~Cisa~\nCISA added SolarWinds Serv-U vulnerability CVE-2026-28318 to its KEV catalog due to active exploitation.\n-\nIOCs: CVE-2026-28318\n-\n#CVE202628318 #SolarWinds #ThreatIntel", "creation_timestamp": "2026-06-05T20:02:55.769813Z"} 2026-06-05T20:02:55.769813+00:00 https://vulnerability.circl.lu/sighting/f83a9a61-4c05-4b65-a84a-78f6d568bd4f/export 2026-06-06T02:52:36.339225+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "f83a9a61-4c05-4b65-a84a-78f6d568bd4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnl2oh32kk2j", "content": "CISA says attackers are exploiting SolarWinds Serv-U CVE-2026-28318 to crash exposed servers via crafted POST requests. SolarWinds has issued Hotfix 1 for the denial-of-service flaw. #SolarWinds #ServU #CISA", "creation_timestamp": "2026-06-05T21:15:26.907444Z"} 2026-06-05T21:15:26.907444+00:00 https://vulnerability.circl.lu/sighting/214979d9-b8b2-4012-8d65-f1232de5fca8/export 2026-06-06T02:52:36.339119+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "214979d9-b8b2-4012-8d65-f1232de5fca8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/cyberlensai.bsky.social/post/3mnli7wttdj22", "content": "CVE watch: CVE-2026-28318: SolarWinds Serv-U \u2014 SolarWinds Serv-U Uncontrolled\u2026\n\nCheck exposure, dependency, and agent/tool access before panic-patching. Inventory beats vibes.\n\nSource: cisa.gov\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2026-28318", "creation_timestamp": "2026-06-06T01:17:52.306365Z"} 2026-06-06T01:17:52.306365+00:00 https://vulnerability.circl.lu/sighting/1711f9c7-5bc2-4c7f-b9a7-c05fac9dbba3/export 2026-06-06T02:52:36.337939+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "1711f9c7-5bc2-4c7f-b9a7-c05fac9dbba3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3mnlkspnd6i2j", "content": "CISA Adds One Known Exploited Vulnerability to Catalog\nCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-28318 SolarWinds Serv-U Uncontrolled\u2026\n\n\ud83d\udd17 https://hnow.live/a/0ddbd4c9", "creation_timestamp": "2026-06-06T02:04:10.004367Z"} 2026-06-06T02:04:10.004367+00:00