<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-12T17:27:32.475571+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/cda4d073-60c0-42a6-b711-b655d497ebc3/export</id>
    <title>cda4d073-60c0-42a6-b711-b655d497ebc3</title>
    <updated>2026-07-12T17:27:32.496908+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "cda4d073-60c0-42a6-b711-b655d497ebc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-61876", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqhbx44fvl2j", "content": "CRITICAL XSS in OpenWrt LuCI (CVE-2026-61876): Attackers on your network can inject scripts via DHCPv6 hostnames, targeting admin browsers. Restrict access &amp;amp; check advisories for patches. https://radar.offseq.com/threat/cve-2026-61876-improper-neutralization-of-input-du-90cbeb597700a4fd #OffSeq #...", "creation_timestamp": "2026-07-12T13:30:29.533687Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/cda4d073-60c0-42a6-b711-b655d497ebc3/export"/>
    <published>2026-07-12T13:30:29.533687+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d11300f6-18d7-442f-aed9-a2353209c517/export</id>
    <title>d11300f6-18d7-442f-aed9-a2353209c517</title>
    <updated>2026-07-12T17:27:32.499083+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d11300f6-18d7-442f-aed9-a2353209c517", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-61876", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116907247335811041", "content": "OpenWrt LuCI hit by CRITICAL XSS (CVE-2026-61876, CVSS 9.4): DHCPv6 hostnames not properly encoded, enabling adjacent attackers to inject scripts into admin browsers. Restrict interface access, monitor advisories. https://radar.offseq.com/threat/cve-2026-61876-improper-neutralization-of-input-du-90cbeb597700a4fd #OffSeq #OpenWrt #XSS #Infosec", "creation_timestamp": "2026-07-12T13:30:27.742420Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d11300f6-18d7-442f-aed9-a2353209c517/export"/>
    <published>2026-07-12T13:30:27.742420+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/8d25d237-0ff3-489a-b9b8-47dc1a03555e/export</id>
    <title>8d25d237-0ff3-489a-b9b8-47dc1a03555e</title>
    <updated>2026-07-12T17:27:32.499264+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "8d25d237-0ff3-489a-b9b8-47dc1a03555e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61876", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqhawwrokk27", "content": "CVE-2026-61876 - LuCI DHCPv6 Lease Hostname Stored Cross-Site Scripting\nCVE ID : CVE-2026-61876\n \n Published : July 12, 2026, 12:16 p.m. | 16\u00a0minutes ago\n \n Description : LuCI versions fail to properly encode DHCPv6 lease hostnames before rendering in status tables, allowing a...", "creation_timestamp": "2026-07-12T13:12:29.728444Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/8d25d237-0ff3-489a-b9b8-47dc1a03555e/export"/>
    <published>2026-07-12T13:12:29.728444+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/98be33ec-09c0-4a6f-9010-04a83b77f3b1/export</id>
    <title>98be33ec-09c0-4a6f-9010-04a83b77f3b1</title>
    <updated>2026-07-12T17:27:32.499410+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "98be33ec-09c0-4a6f-9010-04a83b77f3b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61876", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqhabnqobz2k", "content": "\ud83d\udfe0 CVE-2026-61876 - High (8.8)\n\nLuCI versions fail to properly encode DHCPv6 lease hostnames before rendering in status tables, a...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-61876/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-12T13:00:35.941323Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/98be33ec-09c0-4a6f-9010-04a83b77f3b1/export"/>
    <published>2026-07-12T13:00:35.941323+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a99c3f83-36bc-4f94-b201-803144bc5c1a/export</id>
    <title>a99c3f83-36bc-4f94-b201-803144bc5c1a</title>
    <updated>2026-07-12T17:27:32.499556+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a99c3f83-36bc-4f94-b201-803144bc5c1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61876", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqh7hqwuyt2t", "content": "CVE-2026-61876 - luci\nAn attacker on the same network can inject malicious code into LuCI's DHCP lease pages, potentially allowing them to take control of an administrator's browser. This vulnerability affects\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#luci #openwrt #CVE #infosec", "creation_timestamp": "2026-07-12T12:46:06.467960Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a99c3f83-36bc-4f94-b201-803144bc5c1a/export"/>
    <published>2026-07-12T12:46:06.467960+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b4854d25-53b9-4c58-9c14-714771099ef4/export</id>
    <title>b4854d25-53b9-4c58-9c14-714771099ef4</title>
    <updated>2026-07-12T17:27:32.499704+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b4854d25-53b9-4c58-9c14-714771099ef4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61876", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqh6fkg4lk2e", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-61876 \u0432 LuCI: \u0440\u0438\u0441\u043a\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/AEF34173-ABD7-41C1-A44D-39C2BD0AD815", "creation_timestamp": "2026-07-12T12:26:59.221298Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b4854d25-53b9-4c58-9c14-714771099ef4/export"/>
    <published>2026-07-12T12:26:59.221298+00:00</published>
  </entry>
</feed>
