<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-03T11:07:39.153491+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the 10 most recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ac3d8681-3063-4a49-a72f-f0d6c5ff1118/export</id>
    <title>ac3d8681-3063-4a49-a72f-f0d6c5ff1118</title>
    <updated>2026-07-03T11:07:39.179679+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ac3d8681-3063-4a49-a72f-f0d6c5ff1118", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4767", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mppnxov22g2i", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-4767 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 TR7 Cyber Defense: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/193DCDDE-A123-46DF-B380-58836ACD9C9A", "creation_timestamp": "2026-07-03T04:01:39.895076Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ac3d8681-3063-4a49-a72f-f0d6c5ff1118/export"/>
    <published>2026-07-03T04:01:39.895076+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3076a30f-e86e-4ed3-a51e-9ad35b47e3f1/export</id>
    <title>3076a30f-e86e-4ed3-a51e-9ad35b47e3f1</title>
    <updated>2026-07-03T11:07:39.183848+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3076a30f-e86e-4ed3-a51e-9ad35b47e3f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4767", "type": "seen", "source": "https://bsky.app/profile/malwareobserver.bsky.social/post/3mpofn66j252j", "content": "\ud83d\udc1b VULNERABILITIES CVE Notify: \ud83d\udea8 [CVE-2026-4767](https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0487)\nMissing auth...\nhttps://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0487 #Vulnerability #CVE #ZeroDay", "creation_timestamp": "2026-07-02T15:59:57.246063Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3076a30f-e86e-4ed3-a51e-9ad35b47e3f1/export"/>
    <published>2026-07-02T15:59:57.246063+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/38d632b0-1d12-46e3-9bc1-862be9ffa82a/export</id>
    <title>38d632b0-1d12-46e3-9bc1-862be9ffa82a</title>
    <updated>2026-07-03T11:07:39.184004+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "38d632b0-1d12-46e3-9bc1-862be9ffa82a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4767", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpoe2bhq6y2a", "content": "CVE-2026-4767 - Improper Access Control in TR7's WAF-ASP\nCVE ID : CVE-2026-4767\n \n Published : July 2, 2026, 1:12 p.m. | 2\u00a0hours ago\n \n Description : Missing authentication for critical function vulnerability in TR7 Cyber \u200b\u200bDefense Inc. WAF-ASP allows Authentication Abuse.\n\nTh...", "creation_timestamp": "2026-07-02T15:31:29.483158Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/38d632b0-1d12-46e3-9bc1-862be9ffa82a/export"/>
    <published>2026-07-02T15:31:29.483158+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e4ca4499-1dd8-4b3f-b9cb-4bbbfba6cf7d/export</id>
    <title>e4ca4499-1dd8-4b3f-b9cb-4bbbfba6cf7d</title>
    <updated>2026-07-03T11:07:39.184114+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e4ca4499-1dd8-4b3f-b9cb-4bbbfba6cf7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47670", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-47670.yaml", "content": "", "creation_timestamp": "2026-06-15T06:58:24.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e4ca4499-1dd8-4b3f-b9cb-4bbbfba6cf7d/export"/>
    <published>2026-06-15T06:58:24+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/aa1a1ec5-992a-40b6-b4d0-ee5ad1945818/export</id>
    <title>aa1a1ec5-992a-40b6-b4d0-ee5ad1945818</title>
    <updated>2026-07-03T11:07:39.184228+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "aa1a1ec5-992a-40b6-b4d0-ee5ad1945818", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47676", "type": "seen", "source": "https://gist.github.com/alon710/9a85ace33b5f15b6d07a68897c3ce675", "content": "# CVE-2026-47676: CVE-2026-47676: Inconsistent Path Parsing and Slicing in Hono Framework Sub-Application Mounting\n\n&amp;gt; **CVSS Score:** 5.3\n&amp;gt; **Published:** 2026-06-04\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-47676\n\n## Summary\nA path parsing and normalization inconsistency vulnerability exists in the Hono web framework prior to version 4.12.21. When hosting sub-applications via the app.mount() routing interface, Hono calculates the routing path prefix length on a percent-decoded representation of the URI but executes the path-slicing offset on the raw, percent-encoded string. This discrepancy results in malformed request paths being dispatched to mounted sub-applications, potentially leading to route bypasses, route confusion, and application-level Denial of Service.\n\n## TL;DR\nAn inconsistency between decoded prefix matching and raw path-slicing in Hono's app.mount() causes malformed path propagation and routing failures when processing percent-encoded multi-byte URI characters.\n\n## Technical Details\n\n- **CWE ID**: CWE-444 (Inconsistent Interpretation of HTTP Requests)\n- **Attack Vector**: Network (AV:N)\n- **CVSS Severity**: 5.3 Medium\n- **Exploit Status**: Proof of Concept available in test suites\n- **KEV Status**: Not listed\n- **Ransomware Use**: No known usage\n\n## Affected Systems\n\n- Hono framework web applications running on Node.js, Bun, Deno, or Cloudflare Workers\n- **hono**: &amp;lt; 4.12.21 (Fixed in: `4.12.21`)\n\n## Mitigation\n\n- Upgrade Hono dependencies to version 4.12.21 or higher\n- Ensure all mount prefixes are defined strictly using Unicode literals rather than 
percent-encoded strings\n- Implement a global catch-all exception handler to catch unhandled URIErrors resulting from malformed HTTP paths\n\n**Remediation Steps:**\n1. Identify all projects utilizing Hono by running 'npm ls hono' or equivalent package manager commands\n2. Update the project package.json to require 'hono': '^4.12.21' or higher\n3. Execute the package manager install command to apply the update ('npm install' or 'pnpm install')\n4. Review codebase usage of 'app.mount' to ensure prefixes do not contain hardcoded percent-encoded characters\n5. Re-deploy the application to production and run regression tests containing non-ASCII route characters\n\n## References\n\n- [Hono Security Advisory GHSA-2gcr-mfcq-wcc3](https://github.com/honojs/hono/security/advisories/GHSA-2gcr-mfcq-wcc3)\n- [Fix Commit 6cbb025](https://github.com/honojs/hono/commit/6cbb025ff87fca1a3d00d0ccca0eaf3a6385c3f1)\n- [CVE-2026-47676 Record](https://www.cve.org/CVERecord?id=CVE-2026-47676)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-47676) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-04T18:41:16.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/aa1a1ec5-992a-40b6-b4d0-ee5ad1945818/export"/>
    <published>2026-06-04T18:41:16+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/81ca0a65-a675-4386-897f-f3ead497839a/export</id>
    <title>81ca0a65-a675-4386-897f-f3ead497839a</title>
    <updated>2026-07-03T11:07:39.184352+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cve.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "81ca0a65-a675-4386-897f-f3ead497839a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-47670", "type": "published-proof-of-concept", "source": "https://github.com/dbgate/dbgate/security/advisories/GHSA-wm5r-5qp3-5vxf", "content": "", "creation_timestamp": "2026-05-20T09:31:12.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/81ca0a65-a675-4386-897f-f3ead497839a/export"/>
    <published>2026-05-20T09:31:12+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/87fe8521-3ee0-4f66-b2d7-fda7a4ad3e88/export</id>
    <title>87fe8521-3ee0-4f66-b2d7-fda7a4ad3e88</title>
    <updated>2026-07-03T11:07:39.186076+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cve.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "87fe8521-3ee0-4f66-b2d7-fda7a4ad3e88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-47671", "type": "published-proof-of-concept", "source": "https://github.com/nhost/nhost/security/advisories/GHSA-64cj-qvx5-m4f3", "content": "", "creation_timestamp": "2026-05-19T11:17:06.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/87fe8521-3ee0-4f66-b2d7-fda7a4ad3e88/export"/>
    <published>2026-05-19T11:17:06+00:00</published>
  </entry>
</feed>
