<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-11T17:38:41.687057+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/84d4af59-6abe-4846-93a1-8873f69daa27/export</id>
    <title>84d4af59-6abe-4846-93a1-8873f69daa27</title>
    <updated>2026-07-11T17:38:41.709219+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "84d4af59-6abe-4846-93a1-8873f69daa27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "seen", "source": "https://bsky.app/profile/qiancx.bsky.social/post/3mqdgk5sbg326", "content": "Joomla iCagenda \u63d2\u4ef6\u6f0f\u6d1e CVE-2026-48939:\u4efb\u610f\u6587\u4ef6\u4e0a\u4f20\u98ce\u9669\u4e0e\u5b89\u5168\u9632\u62a4\u6307\u5357\n\n\n\nhttps://qian.cx/posts/5DD651F3-1137-44AF-A3D0-A0FD2F28CEA2", "creation_timestamp": "2026-07-11T00:42:04.147611Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/84d4af59-6abe-4846-93a1-8873f69daa27/export"/>
    <published>2026-07-11T00:42:04.147611+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6aeaae95-3095-4bed-a781-4fb73d453c01/export</id>
    <title>6aeaae95-3095-4bed-a781-4fb73d453c01</title>
    <updated>2026-07-11T17:38:41.711072+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6aeaae95-3095-4bed-a781-4fb73d453c01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdgjw633j2e", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-48939 \u0432 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0438 iCagenda \u0434\u043b\u044f Joomla: \u0443\u0433\u0440\u043e\u0437\u0430 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432\n\n\n\nhttps://kripta.biz/posts/A1AB5475-6F6B-416C-A06D-67A3D02545AD", "creation_timestamp": "2026-07-11T00:41:56.155499Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6aeaae95-3095-4bed-a781-4fb73d453c01/export"/>
    <published>2026-07-11T00:41:56.155499+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e370c894-aca2-4d93-aff9-c4e1429c8503/export</id>
    <title>e370c894-aca2-4d93-aff9-c4e1429c8503</title>
    <updated>2026-07-11T17:38:41.711205+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e370c894-aca2-4d93-aff9-c4e1429c8503", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdek725kc2e", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-48939 \u0432 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0438 iCagenda \u0434\u043b\u044f Joomla: \u0443\u0433\u0440\u043e\u0437\u0430 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432\n\n\n\nhttps://kripta.biz/posts/394E4504-A538-422A-9DE6-D5EC7D4CA278", "creation_timestamp": "2026-07-11T00:06:18.378442Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e370c894-aca2-4d93-aff9-c4e1429c8503/export"/>
    <published>2026-07-11T00:06:18.378442+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/1c5306a1-1caa-4f7d-9b50-b86f614471cd/export</id>
    <title>1c5306a1-1caa-4f7d-9b50-b86f614471cd</title>
    <updated>2026-07-11T17:38:41.711316+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "1c5306a1-1caa-4f7d-9b50-b86f614471cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6961009", "content": "2026-07-10: [CVE-2026-48939] iCagenda Unrestricted Upload of File with Dangerous Type VulnerabilityiCagenda contains an unrestricted upload of file with dangerous type vulnerability that allows the upload of arbitrary files in the file attachment feature, ultimately resulting in PHP code upload and execution.\ncisakev", "creation_timestamp": "2026-07-10T21:00:25.313943Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/1c5306a1-1caa-4f7d-9b50-b86f614471cd/export"/>
    <published>2026-07-10T21:00:25.313943+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a16f6222-bd3f-4cfa-b52a-289d73661f46/export</id>
    <title>a16f6222-bd3f-4cfa-b52a-289d73661f46</title>
    <updated>2026-07-11T17:38:41.711419+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a16f6222-bd3f-4cfa-b52a-289d73661f46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3mqcww6zvhz2f", "content": "CISA Adds Two Known Exploited Vulnerabilities to Catalog\nCISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-48939 iCagenda Unrestricted Upload\u2026\n\n\ud83d\udd17 https://hnow.live/a/1160719f", "creation_timestamp": "2026-07-10T20:02:28.893487Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a16f6222-bd3f-4cfa-b52a-289d73661f46/export"/>
    <published>2026-07-10T20:02:28.893487+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/67235208-0c79-4d47-9f64-abd35b53e369/export</id>
    <title>67235208-0c79-4d47-9f64-abd35b53e369</title>
    <updated>2026-07-11T17:38:41.711518+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "67235208-0c79-4d47-9f64-abd35b53e369", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mqcr534agp2j", "content": "\ud83d\uded1 CVE-2026-48939\niCagenda iCagenda\nCVSS 10.0 / EPSS 1% / KEV \u2705\nTL;DR: A vulnerability in the iCagenda extension for Joomla allows the upload of arbitrary files \u2026\nhttps://cvesentinel.com/report/CVE-2026-48939?utm_source=bluesky&amp;amp;utm_medium=social&amp;amp;utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-07-10T18:18:56.671002Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/67235208-0c79-4d47-9f64-abd35b53e369/export"/>
    <published>2026-07-10T18:18:56.671002+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b45bc1a1-6801-4c16-8b4e-503de277637b/export</id>
    <title>b45bc1a1-6801-4c16-8b4e-503de277637b</title>
    <updated>2026-07-11T17:38:41.711618+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b45bc1a1-6801-4c16-8b4e-503de277637b", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/e8ce3b4b-518e-4cc5-ad71-9781806a54ef", "content": "", "creation_timestamp": "2026-07-10T18:00:24.561275Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b45bc1a1-6801-4c16-8b4e-503de277637b/export"/>
    <published>2026-07-10T18:00:24.561275+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/9a65cd2e-aa10-4798-9e2c-5aae9d583c9f/export</id>
    <title>9a65cd2e-aa10-4798-9e2c-5aae9d583c9f</title>
    <updated>2026-07-11T17:38:41.711712+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "9a65cd2e-aa10-4798-9e2c-5aae9d583c9f", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/349ea528-8815-4e8a-812a-918abda44b5f", "content": "", "creation_timestamp": "2026-07-10T18:00:02.701206Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/9a65cd2e-aa10-4798-9e2c-5aae9d583c9f/export"/>
    <published>2026-07-10T18:00:02.701206+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3049c782-5bd4-44f0-bd93-16c94bc32fc0/export</id>
    <title>3049c782-5bd4-44f0-bd93-16c94bc32fc0</title>
    <updated>2026-07-11T17:38:41.711805+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3049c782-5bd4-44f0-bd93-16c94bc32fc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqcp6rngha2b", "content": "CVE-2026-48939 - icagenda [known exploited]\nThe iCagenda extension for Joomla allows attackers to upload malicious files, potentially leading to the execution of PHP code. This could compromise the security\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#icagenda #joomlic #CVE #infosec", "creation_timestamp": "2026-07-10T17:44:06.935410Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3049c782-5bd4-44f0-bd93-16c94bc32fc0/export"/>
    <published>2026-07-10T17:44:06.935410+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/0ca0bbd1-d8d0-4e95-906d-caf0e915a2c4/export</id>
    <title>0ca0bbd1-d8d0-4e95-906d-caf0e915a2c4</title>
    <updated>2026-07-11T17:38:41.711903+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "0ca0bbd1-d8d0-4e95-906d-caf0e915a2c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116896829543133479", "content": "CISA has added two vulnerabilities to the KEV catalogue.\n-  CVE-2026-48939: iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-48939\n-  CVE-2026-56291: Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-56291 #CISA #infosec #vulnerability", "creation_timestamp": "2026-07-10T17:21:04.761918Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/0ca0bbd1-d8d0-4e95-906d-caf0e915a2c4/export"/>
    <published>2026-07-10T17:21:04.761918+00:00</published>
  </entry>
</feed>
