Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-05-29T18:22:53.161229+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/7375cf5c-e876-41e6-bb80-1c1a1aa3a7dc/export 7375cf5c-e876-41e6-bb80-1c1a1aa3a7dc 2026-05-29T18:22:53.172847+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "7375cf5c-e876-41e6-bb80-1c1a1aa3a7dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29206", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlrwb25mje2s", "content": "\ud83d\udfe0 CVE-2026-29206 - High (8.1)\n\nInsufficient sanitization of SQL queries in the `sqloptimizer` utility script allows SQL Injectio...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-29206/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-14T03:54:37.135431Z"} 2026-05-14T03:54:37.135431+00:00 https://vulnerability.circl.lu/sighting/c56cddfa-ecdf-4e1e-8d14-94989b901e2c/export c56cddfa-ecdf-4e1e-8d14-94989b901e2c 2026-05-29T18:22:53.172774+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "c56cddfa-ecdf-4e1e-8d14-94989b901e2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29205", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3mlsn2zl2ax2o", "content": "cPanel's latest patch (11.134.0.26) for the pre-auth arbitrary file read issue (CVE-2026-29205) is incomplete. We made the call to not publish our research until a working patch is released. We are in to\u2026\n\n\ud83d\udd01 RT @infosec_au | reposted by @HackingLZ\nhttps://x.com/infosec_au/status/2054749885258449252", "creation_timestamp": "2026-05-14T10:42:50.830140Z"} 2026-05-14T10:42:50.830140+00:00 https://vulnerability.circl.lu/sighting/53e4ecac-4e2b-47dc-a76d-56085aeebf99/export 53e4ecac-4e2b-47dc-a76d-56085aeebf99 2026-05-29T18:22:53.172701+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "53e4ecac-4e2b-47dc-a76d-56085aeebf99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29205", "type": "seen", "source": "Telegram/6zXDSxbXo7EBof6Cd4yE6Ym9T-wdU5pbgKCP0C0zYCxnx9mm", "content": "", "creation_timestamp": "2026-05-19T07:29:55.000000Z"} 2026-05-19T07:29:55+00:00 https://vulnerability.circl.lu/sighting/92982f8f-c46b-437c-a216-c4289c068ba1/export 92982f8f-c46b-437c-a216-c4289c068ba1 2026-05-29T18:22:53.172609+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "92982f8f-c46b-437c-a216-c4289c068ba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29205", "type": "seen", "source": "https://bsky.app/profile/alexandreborges.bsky.social/post/3mm7hmwsvw22g", "content": "New Age of Collisions: Reading Arbitrary Files Pre-Auth as root in cPanel (CVE-2026-29205):\n\n(blog) slcyber.io/research-cen...\n\n(tool) github.com/assetnote/cp...\n\n#cve #vulnerability #cybersecurity #informationsecurity #authentication", "creation_timestamp": "2026-05-19T13:11:26.260208Z"} 2026-05-19T13:11:26.260208+00:00 https://vulnerability.circl.lu/sighting/06c24dbb-006e-4616-b5cf-4ec3967d1965/export 06c24dbb-006e-4616-b5cf-4ec3967d1965 2026-05-29T18:22:53.172472+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "06c24dbb-006e-4616-b5cf-4ec3967d1965", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-29205", "type": "seen", "source": "https://infosec.exchange/users/alexandreborges/statuses/116601408065180777", "content": "New Age of Collisions: Reading Arbitrary Files Pre-Auth as root in cPanel (CVE-2026-29205):\n(blog) https://slcyber.io/research-center/new-age-of-collisions-reading-arbitrary-files-pre-auth-as-root-in-cpanel-cve-2026-29205\n(tool) https://github.com/assetnote/cpanel2shell-scanner\n#cve #vulnerability #cybersecurity #informationsecurity #authentication", "creation_timestamp": "2026-05-19T13:11:30.918959Z"} 2026-05-19T13:11:30.918959+00:00 https://vulnerability.circl.lu/sighting/25184d70-9fe2-45c4-876d-aacda802be73/export 25184d70-9fe2-45c4-876d-aacda802be73 2026-05-29T18:22:53.171591+00:00 Joseph Lee https://cve.circl.lu/user/syspect {"uuid": "25184d70-9fe2-45c4-876d-aacda802be73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-29206", "type": "seen", "source": "https://www.acn.gov.it/portale/w/cpanel-whm-e-wp-squared-poc-pubblico-per-lo-sfruttamento-della-cve-2026-29205", "content": "", "creation_timestamp": "2026-05-20T06:20:46.000000Z"} 2026-05-20T06:20:46+00:00 https://vulnerability.circl.lu/sighting/8b2053dd-7c5f-4c06-8294-61f94abf89f5/export 8b2053dd-7c5f-4c06-8294-61f94abf89f5 2026-05-29T18:22:53.171501+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "8b2053dd-7c5f-4c06-8294-61f94abf89f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29205", "type": "seen", "source": "https://www.acn.gov.it/portale/w/cpanel-whm-e-wp-squared-poc-pubblico-per-lo-sfruttamento-della-cve-2026-29205", "content": "Aggiornamenti di sicurezza sanano cinque vulnerabilit\u00e0 di gravit\u00e0 \u201calta\u201d, tra cui una con proof of concept (PoC) disponibile, presenti nei software cPanel & WHM e WP Squared, noti pannelli di controllo per l\u2019hosting web.", "creation_timestamp": "2026-05-20T11:20:46.000000Z"} 2026-05-20T11:20:46+00:00 https://vulnerability.circl.lu/sighting/59a5672a-5b60-4e33-ac48-24539265cc34/export 59a5672a-5b60-4e33-ac48-24539265cc34 2026-05-29T18:22:53.171411+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "59a5672a-5b60-4e33-ac48-24539265cc34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-29205", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mmcdnzac252w", "content": "\ud83d\udccc New Age of Collisions: Pre-Auth Arbitrary File Reading as Root in cPanel (CVE-2026-29205) https://www.cyberhub.blog/article/26233-new-age-of-collisions-pre-auth-arbitrary-file-reading-as-root-in-cpanel-cve-2026-29205", "creation_timestamp": "2026-05-20T16:37:07.067374Z"} 2026-05-20T16:37:07.067374+00:00 https://vulnerability.circl.lu/sighting/048b6380-f44c-48b5-a607-07a28104242f/export 048b6380-f44c-48b5-a607-07a28104242f 2026-05-29T18:22:53.171282+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "048b6380-f44c-48b5-a607-07a28104242f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29205", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3mmefzc6s4g2w", "content": "New Age of Collisions: Reading Arbitrary Files Pre-Auth as root in cPanel (CVE-2026-29205)", "creation_timestamp": "2026-05-21T12:24:32.071695Z"} 2026-05-21T12:24:32.071695+00:00 https://vulnerability.circl.lu/sighting/e01554e5-267b-4114-9733-b10e5aa3cf76/export e01554e5-267b-4114-9733-b10e5aa3cf76 2026-05-29T18:22:53.169988+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "e01554e5-267b-4114-9733-b10e5aa3cf76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29205", "type": "seen", "source": "https://t.me/bdufstecru/3184", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b cpdavd \u043f\u0430\u043d\u0435\u043b\u0435\u0439 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u0435\u0431-\u0445\u043e\u0441\u0442\u0438\u043d\u0433\u043e\u043c cPanel \u0438 WordPress Squared, \u043f\u0430\u043d\u0435\u043b\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f WebHost Manager \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0432\u0435\u0440\u043d\u044b\u043c \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435\u043c \u0438\u043c\u0435\u043d\u0438 \u043f\u0443\u0442\u0438 \u043a \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0443 \u0441 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0447\u0438\u0442\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b\n\nBDU:2026-07107\nCVE-2026-29205\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://support.cpanel.net/hc/en-us/articles/40437020299927-Security-CVE-2026-29205-cPanel-WHM-WP2-Security-Update-May-13-2026\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0441\u043b\u0443\u0436\u0431\u044b CalDAV (cpdavd);\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043f\u043e\u0440\u0442\u0430\u043c 2079 \u0438 2080;\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043b\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c\u0443 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044e;\n- \u0441\u0435\u0433\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0435\u0442\u0438 \u0441 \u0446\u0435\u043b\u044c\u044e \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c\u0443 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044e \u0438\u0437 \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u043e\u0434\u0441\u0435\u0442\u0435\u0439;\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f (\u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f, \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u0438) \u0438 \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438;\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0447\u0430\u0441\u0442\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439 \u0434\u043b\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (VPN);\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c\u0443 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044e \u0438\u0437 \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u0441\u0435\u0442\u0435\u0439 (\u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442).", "creation_timestamp": "2026-05-22T13:22:59.000000Z"} 2026-05-22T13:22:59+00:00