https://vulnerability.circl.lu/sightings/feed 2026-05-09T10:54:36.667418+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/298ed445-1fd5-4761-8269-54a059bd30ef/export 2026-05-09T10:54:36.676367+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "298ed445-1fd5-4761-8269-54a059bd30ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4670", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ml2pf3ek4p52", "content": "MOVEit automation flaws could enable full system compromise Progress fixes critical MOVEit Automation flaws, including an authentication bypass bug that could let attackers gain unauthorized access...\n\n#Breaking #News #Security #CVE-2026-4670 #CVE-2026-5174 #Hacking #hacking #news #information [\u2026]", "creation_timestamp": "2026-05-04T22:20:49.769029Z"} 2026-05-04T22:20:49.769029+00:00 https://vulnerability.circl.lu/sighting/94c86e66-9b84-421f-a035-365584e9d64e/export 2026-05-09T10:54:36.676280+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "94c86e66-9b84-421f-a035-365584e9d64e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4670", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3ml4fuifrss2e", "content": "\ud83d\udd17 CVE : CVE-2026-4670, CVE-2026-4670, CVE-2026-5174", "creation_timestamp": "2026-05-05T14:35:23.630829Z"} 2026-05-05T14:35:23.630829+00:00 https://vulnerability.circl.lu/sighting/d0e17ea0-bcf3-409f-9bb8-d34c9a73dee8/export 2026-05-09T10:54:36.676192+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "d0e17ea0-bcf3-409f-9bb8-d34c9a73dee8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4670", "type": "seen", "source": "https://bsky.app/profile/groovysecurity.bsky.social/post/3ml4j7gaprw2q", "content": "MOVEit Automation patched yesterday \u2014 CVE-2026-4670 + CVE-2026-5174, pre-auth chain to admin.\n\nTwo months back, cPanel CVE-2026-41940: 40K servers exploited from Feb 23, patch April 30.\n\nA version banner says \"remediated.\" Whether the exploit still runs on your config is a different question.", "creation_timestamp": "2026-05-05T15:35:09.932100Z"} 2026-05-05T15:35:09.932100+00:00 https://vulnerability.circl.lu/sighting/5da00cd8-ea13-4cc6-af75-3aa2f62389e6/export 2026-05-09T10:54:36.676094+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "5da00cd8-ea13-4cc6-af75-3aa2f62389e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4670", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3ml4jro6tix2d", "content": "Linux kernel flaw CVE-2026-31431 exploited for root access; MOVEit CVE-2026-4670 enables remote breaches; DigiCert revokes 60 certificates after Zhong Stealer exposure; Pentagon advances AI security partnerships. #LinuxSecurity #DataCenter #USA", "creation_timestamp": "2026-05-05T15:45:21.585341Z"} 2026-05-05T15:45:21.585341+00:00 https://vulnerability.circl.lu/sighting/8cf25fa1-caa6-463f-a594-2c3eabb447f7/export 2026-05-09T10:54:36.676000+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "8cf25fa1-caa6-463f-a594-2c3eabb447f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4670", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3ml4mf5zt5d25", "content": "Critical vulnerabilities in MOVEit Automation (CVE-2026-4670 & CVE-2026-5174) demand immediate patching to prevent unauthorized access and privilege escalation. #CyberSecurity #DataProtection #MOVEit Link: thedailytechfeed.com/critical-mov...", "creation_timestamp": "2026-05-05T16:32:03.794576Z"} 2026-05-05T16:32:03.794576+00:00 https://vulnerability.circl.lu/sighting/dac80a83-8213-4bca-af9b-04271a667282/export 2026-05-09T10:54:36.675914+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "dac80a83-8213-4bca-af9b-04271a667282", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4670", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3ml5xk5vwpq2w", "content": "Critical 98 MOVEit Automation Flaw Opens Enterprise File Transfer Systems to Unauthenticated Takeover +\u00a0Video\n\nIntroduction: A critical authentication bypass vulnerability (CVE-2026-4670, CVSS 9.8) and a high-severity privilege escalation flaw (CVE-2026-5174, CVSS 7.7) have been disclosed in\u2026", "creation_timestamp": "2026-05-06T05:24:22.041334Z"} 2026-05-06T05:24:22.041334+00:00 https://vulnerability.circl.lu/sighting/23e2dfdb-5748-400c-bcde-88ba1e270920/export 2026-05-09T10:54:36.675811+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "23e2dfdb-5748-400c-bcde-88ba1e270920", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4670", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0133", "content": "Progress heeft kwetsbaarheden verholpen in MOVEit Automation. De kwetsbaarheid met kenmerk CVE-2026-4670 betreft een bypass van de authenticatie in MOVEit Automation. Een kwaadwillende zonder rechten kan deze kwetsbaarheid misbruiken zonder dat daar gebruikersinteractie voor nodig is. \n\nDe tweede kwetsbaarheid met kenmerk CVE-2026-5174 betreft een onjuiste invoervalidatie in Progress Software MOVEit Automation en maakt privilege-escalatie mogelijk.\n\nDeze kwetsbaarheden zijn aanwezig in versies 2025.0.0 tot maar niet inclusief 2025.0.9, versies 2024.0.0 tot maar niet inclusief 2024.1.8, en alle versies v\u00f3\u00f3r 2024.0.0.", "creation_timestamp": "2026-05-06T07:18:44.000000Z"} 2026-05-06T07:18:44+00:00 https://vulnerability.circl.lu/sighting/3e16be5a-9b85-4c52-be73-84a6c702c1a3/export 2026-05-09T10:54:36.675685+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "3e16be5a-9b85-4c52-be73-84a6c702c1a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4670", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3ml7pk2w5i32s", "content": "CVE-2026-4670 (CVSS 9.8) MOVEit Automation Authentication Bypass\n\nAuth bypass in MOVEit Automation: potential admin access and data exposure.\n\nNo exploitation yet, but impact could be significant if workfl\u2026\n\n\ud83d\udd01 RT @censysio | reposted by @silascutler\nhttps://x.com/censysio/status/2051677821429334419", "creation_timestamp": "2026-05-06T22:06:28.354196Z"} 2026-05-06T22:06:28.354196+00:00 https://vulnerability.circl.lu/sighting/5ebe651b-cc2a-4206-9fd9-b22f8c572022/export 2026-05-09T10:54:36.674681+00:00 Joseph Lee http://cve.circl.lu/user/syspect {"uuid": "5ebe651b-cc2a-4206-9fd9-b22f8c572022", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-4670", "type": "seen", "source": "https://www.cert.se/2026/05/cert-se-veckobrev-v19.html", "content": "", "creation_timestamp": "2026-05-08T06:10:00.000000Z"} 2026-05-08T06:10:00+00:00 https://vulnerability.circl.lu/sighting/66e7a3a4-0f7c-4153-8fb6-1e83eb525475/export 2026-05-09T10:54:36.673225+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "66e7a3a4-0f7c-4153-8fb6-1e83eb525475", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-4670", "type": "seen", "source": "https://bsky.app/profile/kubonai.bsky.social/post/3mlelztyknv2s", "content": "CVE-2026-4670: Critical MOVEit Automation Authentication Bypass\n\nCVE-2026-4670 is a critical authentication bypass vulnerability in Progress MOVEit Automation with a CVSS 9.8 score. Affects all...\n\n\ud83d\udd17 https://ipsec.live/blog/cve-2026-4670-moveit-authentication-bypass\n\n#infosec #cybersecurity", "creation_timestamp": "2026-05-08T20:47:01.039500Z"} 2026-05-08T20:47:01.039500+00:00