<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-14T02:34:23.935865+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/48553d6a-e8d7-4430-b006-3877481f16e5/export</id>
    <title>48553d6a-e8d7-4430-b006-3877481f16e5</title>
    <updated>2026-07-14T02:34:23.955171+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "48553d6a-e8d7-4430-b006-3877481f16e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4769", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqjgvs2k2e2g", "content": "CVE-2026-4769 - Unauthenticated Access to Internal Diagnostic Interface\nCVE ID : CVE-2026-4769\n \n Published : July 13, 2026, 8:16 a.m. | 1\u00a0hour, 13\u00a0minutes ago\n \n Description : Certain devices in the WAGO System I/O Field series activate an internal diagnostic capability durin...", "creation_timestamp": "2026-07-13T10:04:33.200420Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/48553d6a-e8d7-4430-b006-3877481f16e5/export"/>
    <published>2026-07-13T10:04:33.200420+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a8d40e93-45b7-4edb-a3d7-ef1bfecd730f/export</id>
    <title>a8d40e93-45b7-4edb-a3d7-ef1bfecd730f</title>
    <updated>2026-07-14T02:34:23.957992+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a8d40e93-45b7-4edb-a3d7-ef1bfecd730f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4769", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqjdqsvy422q", "content": "CVE-2026-4769\nWAGO System I/O Field devices have a hidden diagnostic mode that becomes accessible for a short time during startup. This allows an attacker to access the device's internal processes without a password,\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-13T09:08:05.262963Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a8d40e93-45b7-4edb-a3d7-ef1bfecd730f/export"/>
    <published>2026-07-13T09:08:05.262963+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7cc893dc-ad37-417c-9912-ea1cd40c5970/export</id>
    <title>7cc893dc-ad37-417c-9912-ea1cd40c5970</title>
    <updated>2026-07-14T02:34:23.958315+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "7cc893dc-ad37-417c-9912-ea1cd40c5970", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4769", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjbmvfwld2x", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-4769 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 WAGO System I/O Field: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/EE685329-225C-40E1-9380-2C16BAB2E3C8", "creation_timestamp": "2026-07-13T08:30:05.774274Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7cc893dc-ad37-417c-9912-ea1cd40c5970/export"/>
    <published>2026-07-13T08:30:05.774274+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f6a30275-5834-4d54-8405-992d68353348/export</id>
    <title>f6a30275-5834-4d54-8405-992d68353348</title>
    <updated>2026-07-14T02:34:23.958434+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f6a30275-5834-4d54-8405-992d68353348", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4769", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mqj7nsuneh2l", "content": "CVE-2026-4769 exposes WAGO System I/O field devices. An early-boot flaw lets an unauthenticated attacker reach full system compromise.\n#WAGO #CVE20264769 #ICS #OTSecurity #Firmware", "creation_timestamp": "2026-07-13T07:54:49.692305Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f6a30275-5834-4d54-8405-992d68353348/export"/>
    <published>2026-07-13T07:54:49.692305+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/cd489a8e-b1bf-4f60-a441-fabd633c3214/export</id>
    <title>cd489a8e-b1bf-4f60-a441-fabd633c3214</title>
    <updated>2026-07-14T02:34:23.958544+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "cd489a8e-b1bf-4f60-a441-fabd633c3214", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4769", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/116911458109125585", "content": "#OT #Advisory VDE-2026-031WAGO: Early-Boot Diagnostic Exposure in WAGO System I/O Field Devices\nCertain devices in the WAGO System I/O Field series enable an internal diagnostic capability during the initial stages of system startup. This behavior, which is not part of the publicly documented feature set, briefly allows access to system functions before the main operating environment becomes fully active. Under specific conditions, this could permit interactions with system components that are normally protected during regular operation.#CVE CVE-2026-4769\nhttps://certvde.com/en/advisories/vde-2026-031/\n#CSAF https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-031.json", "creation_timestamp": "2026-07-13T07:21:18.817698Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/cd489a8e-b1bf-4f60-a441-fabd633c3214/export"/>
    <published>2026-07-13T07:21:18.817698+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/4df31260-ad54-40a9-9e56-9fb0e42bdc32/export</id>
    <title>4df31260-ad54-40a9-9e56-9fb0e42bdc32</title>
    <updated>2026-07-14T02:34:23.958653+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "4df31260-ad54-40a9-9e56-9fb0e42bdc32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47691", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqckarmtam2z", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-47691 \u0432 Netty: \u0443\u0433\u0440\u043e\u0437\u044b, \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/B582FC38-17A2-4488-A200-50DD22169788", "creation_timestamp": "2026-07-10T16:15:44.713345Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/4df31260-ad54-40a9-9e56-9fb0e42bdc32/export"/>
    <published>2026-07-10T16:15:44.713345+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/56cd9900-69e5-48f1-90ff-a7bee3a675fd/export</id>
    <title>56cd9900-69e5-48f1-90ff-a7bee3a675fd</title>
    <updated>2026-07-14T02:34:23.958747+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "56cd9900-69e5-48f1-90ff-a7bee3a675fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47693", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moylvgrwcv26", "content": "CVE-2026-47693 - Poweradmin: CSV Injection in log export endpoints allows formula execution in spreadsheet applications\nCVE ID : CVE-2026-47693\n \n Published : June 23, 2026, 10:07 p.m. | 1\u00a0hour, 36\u00a0minutes ago\n \n Description : Poweradmin is a web-based DNS administration tool ...", "creation_timestamp": "2026-06-23T23:53:22.907171Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/56cd9900-69e5-48f1-90ff-a7bee3a675fd/export"/>
    <published>2026-06-23T23:53:22.907171+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/55b3ad9b-3c83-44b5-ae80-eb3d5a2ae3eb/export</id>
    <title>55b3ad9b-3c83-44b5-ae80-eb3d5a2ae3eb</title>
    <updated>2026-07-14T02:34:23.958841+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "55b3ad9b-3c83-44b5-ae80-eb3d5a2ae3eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47691", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motmm7mcgv2b", "content": "\ud83d\udea8  ALERT: CVE-2026-47691\n\nCVSS 8.7/10\n\n\ud83d\udccb WHAT IT IS:\nNetty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's `DnsResolveContext` insufficiently validates the bailiwick of NS records, enabling DNS Cache Poison", "creation_timestamp": "2026-06-22T00:22:48.271731Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/55b3ad9b-3c83-44b5-ae80-eb3d5a2ae3eb/export"/>
    <published>2026-06-22T00:22:48.271731+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a4ef133b-1a8b-4877-aea7-027eeee35934/export</id>
    <title>a4ef133b-1a8b-4877-aea7-027eeee35934</title>
    <updated>2026-07-14T02:34:23.958936+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a4ef133b-1a8b-4877-aea7-027eeee35934", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47691", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3modpjvgdrq22", "content": "\ud83d\udea8 HIGH: CVE-2026-47691\n\nCVSS 8.7/10\n\n\ud83d\udccb WHAT IT IS:\nNetty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's `DnsResolveContext` insufficiently validates the bailiwick of NS records, enabling DNS Cache Poisonin", "creation_timestamp": "2026-06-15T16:32:35.812586Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a4ef133b-1a8b-4877-aea7-027eeee35934/export"/>
    <published>2026-06-15T16:32:35.812586+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/65e49cb4-862a-4290-a7a3-ead9903be7f0/export</id>
    <title>65e49cb4-862a-4290-a7a3-ead9903be7f0</title>
    <updated>2026-07-14T02:34:23.959027+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "65e49cb4-862a-4290-a7a3-ead9903be7f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47691", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3moccjm3qzg2i", "content": "\ud83d\udccc CVE-2026-47691 - Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's `D... https://www.cyberhub.blog/cves/CVE-2026-47691", "creation_timestamp": "2026-06-15T03:07:08.033556Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/65e49cb4-862a-4290-a7a3-ead9903be7f0/export"/>
    <published>2026-06-15T03:07:08.033556+00:00</published>
  </entry>
</feed>
