https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-06-19T01:42:55.720831+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/2750fb37-eb81-4558-90ca-5ae3e4818f27/export2750fb37-eb81-4558-90ca-5ae3e4818f272026-06-19T01:42:55.757573+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "2750fb37-eb81-4558-90ca-5ae3e4818f27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34907", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnconxngwd2f", "content": "CVE-2026-34907 - Reflected Cross-Site Scripting (XSS) in Wirtualna Uczelnia\nCVE ID : CVE-2026-34907\n \n Published : June 2, 2026, 10:16 a.m. | 2\u00a0hours, 16\u00a0minutes ago\n \n Description : Wirtualna Uczelnia is vulnerable to Reflected Cross\u2011Site Scripting (XSS) due to insecure handl...", "creation_timestamp": "2026-06-02T13:19:07.580280Z"}2026-06-02T13:19:07.580280+00:00https://vulnerability.circl.lu/sighting/6dfa1620-499d-4c0a-b2c6-bae89f204854/export6dfa1620-499d-4c0a-b2c6-bae89f2048542026-06-19T01:42:55.757466+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "6dfa1620-499d-4c0a-b2c6-bae89f204854", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnsb66zos427", "content": "UniFi OS Server flaws CVE-2026-34908, -34909, and -34910 can be chained for unauthenticated root RCE. Bishop Fox released detection guidance, and version 5.0.8+ fixes the issue. #UniFiOSServer #BishopFox #CVE2026", "creation_timestamp": "2026-06-08T18:00:16.104306Z"}2026-06-08T18:00:16.104306+00:00https://vulnerability.circl.lu/sighting/f184255e-657a-48d7-8ae9-7ab91f28cc9b/exportf184255e-657a-48d7-8ae9-7ab91f28cc9b2026-06-19T01:42:55.757356+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "f184255e-657a-48d7-8ae9-7ab91f28cc9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-34908", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3mnsmvnetss2e", "content": "\ud83d\udce2 RCE non authentifi\u00e9e sur UniFi OS Server : cha\u00eene de vuln\u00e9rabilit\u00e9s CVSS 10.0 (CVE-2026-34908/09/10)\n\ud83d\udcdd ## \ud83d\udd0d Contexte\n\nLe 5 juin 20\u2026\nhttps://cyberveille.ch/posts/2026-06-08-rce-non-authentifiee-sur-unifi-os-server-chaine-de-vulnerabilites-cvss-10-0-cve-2026-34908-09-10/ #CVE_2026_33000 #Cyberveille", "creation_timestamp": "2026-06-08T21:30:13.368588Z"}2026-06-08T21:30:13.368588+00:00https://vulnerability.circl.lu/sighting/151de027-0659-4671-ac65-c81f953afdd6/export151de027-0659-4671-ac65-c81f953afdd62026-06-19T01:42:55.757256+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "151de027-0659-4671-ac65-c81f953afdd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34905", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mntp3uzupp2m", "content": "CVE-2026-34905: Apache Answer: Unlisted Questions Accessible via Direct API Access", "creation_timestamp": "2026-06-09T07:42:09.950792Z"}2026-06-09T07:42:09.950792+00:00https://vulnerability.circl.lu/sighting/b17c8ad4-bf73-4ed7-8e6e-12728659b0b6/exportb17c8ad4-bf73-4ed7-8e6e-12728659b0b62026-06-19T01:42:55.757155+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "b17c8ad4-bf73-4ed7-8e6e-12728659b0b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/116719977777948801", "content": "The security issues are tracked as CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910. They have been addressed in May and impact UniFi OS Server versions 5.0.6 and earlier. https://www.bleepingcomputer.com/news/security/critical-unifi-os-bug-lets-hackers-gain-root-without-authentication/", "creation_timestamp": "2026-06-09T11:45:20.896392Z"}2026-06-09T11:45:20.896392+00:00https://vulnerability.circl.lu/sighting/c09dd812-fa61-4898-ba8b-93a8e3adef35/exportc09dd812-fa61-4898-ba8b-93a8e3adef352026-06-19T01:42:55.757048+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "c09dd812-fa61-4898-ba8b-93a8e3adef35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34909", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/116719977777948801", "content": "The security issues are tracked as CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910. They have been addressed in May and impact UniFi OS Server versions 5.0.6 and earlier. https://www.bleepingcomputer.com/news/security/critical-unifi-os-bug-lets-hackers-gain-root-without-authentication/", "creation_timestamp": "2026-06-09T11:45:21.061604Z"}2026-06-09T11:45:21.061604+00:00https://vulnerability.circl.lu/sighting/d0018ceb-ff28-4231-b8ab-1b94293bb032/exportd0018ceb-ff28-4231-b8ab-1b94293bb0322026-06-19T01:42:55.756940+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "d0018ceb-ff28-4231-b8ab-1b94293bb032", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://bsky.app/profile/jbhall56.bsky.social/post/3mnu4pot3nk2c", "content": "The security issues are tracked as CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910. They have been addressed in May and impact UniFi OS Server versions 5.0.6 and earlier. www.bleepingcomputer.com/news/securit...", "creation_timestamp": "2026-06-09T11:45:54.671903Z"}2026-06-09T11:45:54.671903+00:00https://vulnerability.circl.lu/sighting/b09ea98a-babf-437c-a519-5e3f8d2fcee4/exportb09ea98a-babf-437c-a519-5e3f8d2fcee42026-06-19T01:42:55.756815+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "b09ea98a-babf-437c-a519-5e3f8d2fcee4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34909", "type": "seen", "source": "https://bsky.app/profile/jbhall56.bsky.social/post/3mnu4pot3nk2c", "content": "The security issues are tracked as CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910. They have been addressed in May and impact UniFi OS Server versions 5.0.6 and earlier. www.bleepingcomputer.com/news/securit...", "creation_timestamp": "2026-06-09T11:45:54.834623Z"}2026-06-09T11:45:54.834623+00:00https://vulnerability.circl.lu/sighting/0db5aed6-e2e1-4b7d-93eb-83d63e46657a/export0db5aed6-e2e1-4b7d-93eb-83d63e46657a2026-06-19T01:42:55.756490+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "0db5aed6-e2e1-4b7d-93eb-83d63e46657a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34902", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mofybxl2vi2a", "content": "CVE-2026-34902 - Stored XSS in WooCommerce Product Table Lite <=4.6.3. Unauthenticated. CVSS 7.1. No patch available yet. Disable the plugin or restrict access now. #CVE #WordPress #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-34902/", "creation_timestamp": "2026-06-16T14:14:33.373702Z"}2026-06-16T14:14:33.373702+00:00https://vulnerability.circl.lu/sighting/04957fd8-66cc-4a85-a6bd-727b28f84d4b/export04957fd8-66cc-4a85-a6bd-727b28f84d4b2026-06-19T01:42:55.752354+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "04957fd8-66cc-4a85-a6bd-727b28f84d4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-3490", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moiuynehzl2h", "content": "CVE-2026-3490 - picklescan - Universal Blocklist Bypass via pkgutil.resolve_name\nCVE ID : CVE-2026-3490\n \n Published : June 17, 2026, 3:05 p.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : picklescan before 1.0.4 fails to block pkgutil.resolve_name, allowing attackers to bypass t...", "creation_timestamp": "2026-06-17T17:53:38.282961Z"}2026-06-17T17:53:38.282961+00:00