Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-14T15:39:54.570044+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/b67c8000-7edd-42bc-8fa1-80e07ed6b414/export b67c8000-7edd-42bc-8fa1-80e07ed6b414 2026-06-14T15:39:54.907654+00:00 Joseph Lee https://cve.circl.lu/user/syspect {"uuid": "b67c8000-7edd-42bc-8fa1-80e07ed6b414", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-28742", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-162-02", "content": "", "creation_timestamp": "2026-06-11T05:00:00.000000Z"} 2026-06-11T05:00:00+00:00 https://vulnerability.circl.lu/sighting/b8d92521-7490-4327-9bca-34bee0f27c60/export b8d92521-7490-4327-9bca-34bee0f27c60 2026-06-14T15:39:54.907584+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "b8d92521-7490-4327-9bca-34bee0f27c60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28742", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mnzmpx4uza2v", "content": "~Cisa~\nMultiple critical flaws in Naxclow IoT Platform allow device takeover, credential harvesting, and communication interception.\n-\nIOCs: CVE-2026-42947, CVE-2026-50108, CVE-2026-28742\n-\n#CVE202642947 #IoT #ThreatIntel", "creation_timestamp": "2026-06-11T16:15:41.128393Z"} 2026-06-11T16:15:41.128393+00:00 https://vulnerability.circl.lu/sighting/4d145ef2-c6e1-4347-8b89-b118d1687efb/export 4d145ef2-c6e1-4347-8b89-b118d1687efb 2026-06-14T15:39:54.907506+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "4d145ef2-c6e1-4347-8b89-b118d1687efb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28742", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mo4ow6q4pn22", "content": "CVE-2026-28742 - Naxclow IoT Platform Use of hard-coded cryptographic key\nCVE ID : CVE-2026-28742\n \n Published : June 12, 2026, 7:16 p.m. | 1\u00a0hour, 51\u00a0minutes ago\n \n Description : Naxclow devices use a uniform request-signing scheme based on a hard-coded, platform-wide salt em...", "creation_timestamp": "2026-06-12T21:32:56.513721Z"} 2026-06-12T21:32:56.513721+00:00 https://vulnerability.circl.lu/sighting/fdee5eb5-6b72-405a-8424-b813bb5b0a7e/export fdee5eb5-6b72-405a-8424-b813bb5b0a7e 2026-06-14T15:39:54.907434+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "fdee5eb5-6b72-405a-8424-b813bb5b0a7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-28742", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mo5qcpwmyp27", "content": "Naxclow Smart Doorbell X3 hit by CRITICAL vuln: static platform-wide key allows device & user impersonation. No fix yet \u2014 keep devices off untrusted networks and monitor closely. https://radar.offseq.com/threat/cve-2026-28742-cwe-321-use-of-hard-coded-cryptogra-637b7b61 #OffSeq #IoTSecurity", "creation_timestamp": "2026-06-13T07:32:05.270130Z"} 2026-06-13T07:32:05.270130+00:00 https://vulnerability.circl.lu/sighting/90de2aaa-7603-444a-9515-7b998cb80ae9/export 90de2aaa-7603-444a-9515-7b998cb80ae9 2026-06-14T15:39:54.907354+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "90de2aaa-7603-444a-9515-7b998cb80ae9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-28742", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116741624707706755", "content": "\ud83d\udea8 CRITICAL: CVE-2026-28742 in Naxclow Smart Doorbell X3 \u2014 hard-coded platform-wide key + no replay protection = broad request forgery & device impersonation. No patch yet. Avoid untrusted networks & monitor devices. https://radar.offseq.com/threat/cve-2026-28742-cwe-321-use-of-hard-coded-cryptogra-637b7b61 #OffSeq #IoTSecurity #Vuln", "creation_timestamp": "2026-06-13T07:32:37.275611Z"} 2026-06-13T07:32:37.275611+00:00 https://vulnerability.circl.lu/sighting/7956a2ba-7a0c-40c6-a521-09cff3c79c7b/export 7956a2ba-7a0c-40c6-a521-09cff3c79c7b 2026-06-14T15:39:54.907258+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "7956a2ba-7a0c-40c6-a521-09cff3c79c7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28742", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116742760123723228", "content": "A lot of offensive activities were identified targeting Naxclow Smart Doorbell X3 and other products (CVE-2026-28742) https://vuldb.com/vuln/370711/cti", "creation_timestamp": "2026-06-13T12:19:11.844314Z"} 2026-06-13T12:19:11.844314+00:00 https://vulnerability.circl.lu/sighting/ce02b45f-369f-45e8-8067-e8c86e4f8ced/export ce02b45f-369f-45e8-8067-e8c86e4f8ced 2026-06-14T15:39:54.905026+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "ce02b45f-369f-45e8-8067-e8c86e4f8ced", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28742", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mo6g3toq3g2a", "content": "\ud83d\udd34 CVE-2026-28742 - Critical (9.8)\n\nNaxclow devices use a uniform request-signing scheme based on a hard-coded, platform-wide salt em...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-28742/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-13T14:01:30.178171Z"} 2026-06-13T14:01:30.178171+00:00