https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-05-27T23:25:48.752034+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/a993ad22-4bbb-4a9f-ba10-9e179ff95b75/exporta993ad22-4bbb-4a9f-ba10-9e179ff95b752026-05-27T23:25:48.760907+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "a993ad22-4bbb-4a9f-ba10-9e179ff95b75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9256", "type": "seen", "source": "https://bsky.app/profile/r-netsec.bsky.social/post/3mmhqhrizki2g", "content": "CVE-2026-9256 - \"nginx-poolslip\", another new vulnerability in the rewrite module", "creation_timestamp": "2026-05-22T20:09:34.185879Z"}2026-05-22T20:09:34.185879+00:00https://vulnerability.circl.lu/sighting/6ab8f904-e88b-4603-90b6-a99a3f12ed6a/export6ab8f904-e88b-4603-90b6-a99a3f12ed6a2026-05-27T23:25:48.760824+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "6ab8f904-e88b-4603-90b6-a99a3f12ed6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9256", "type": "seen", "source": "https://mstdn.social/users/jschauma/statuses/116620852119462759", "content": "The previous announced sibling vulnerability to \"nginx rift\" has been fixed by F5 and has been assigned CVE-2026-9256):\nhttps://my.f5.com/manage/s/article/K000161377\nThis was previously called \"nginx-poolslip\" (https://nitter.net/nebusecurity/status/2057071579876753643) and is a DoS with possible RCE (\"if the attacker can bypass ASLR\" - not sure how?), using a similar regex capture vector.\nWouldn't be surprised if this is the new norm: one vuln lands, everybody points their AI at that attack vector and discovers sibling vulns.", "creation_timestamp": "2026-05-22T23:36:24.040138Z"}2026-05-22T23:36:24.040138+00:00https://vulnerability.circl.lu/sighting/66fe738e-15e6-4d80-839a-a3c1e28ed090/export66fe738e-15e6-4d80-839a-a3c1e28ed0902026-05-27T23:25:48.760741+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "66fe738e-15e6-4d80-839a-a3c1e28ed090", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9256", "type": "seen", "source": "https://bsky.app/profile/jschauma.mstdn.social.ap.brid.gy/post/3mmi3znywbij2", "content": "The previous announced sibling vulnerability to \"nginx rift\" has been fixed by F5 and has been assigned CVE-2026-9256):\n\nhttps://my.f5.com/manage/s/article/K000161377\n\nThis was previously called \"nginx-poolslip\" (https://nitter.net/nebusecurity/status/2057071579876753643) and is a DoS with [\u2026]", "creation_timestamp": "2026-05-22T23:36:29.984102Z"}2026-05-22T23:36:29.984102+00:00https://vulnerability.circl.lu/sighting/968143dc-f4c9-4e90-b176-6e02298a9939/export968143dc-f4c9-4e90-b176-6e02298a99392026-05-27T23:25:48.760666+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "968143dc-f4c9-4e90-b176-6e02298a9939", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9256", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mmiang525h2v", "content": "NGINX ngx_http_rewrite_module buffer overflow (CVE-2026-9256)", "creation_timestamp": "2026-05-23T00:59:06.066348Z"}2026-05-23T00:59:06.066348+00:00https://vulnerability.circl.lu/sighting/df5a809a-8ec5-4129-81aa-8da6e6663e6e/exportdf5a809a-8ec5-4129-81aa-8da6e6663e6e2026-05-27T23:25:48.760587+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "df5a809a-8ec5-4129-81aa-8da6e6663e6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9256", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116622178040678966", "content": "It is possible to see elevated activities targeting F5 NGINX Plus and NGINX Open Source (CVE-2026-9256) https://vuldb.com/vuln/365202/cti", "creation_timestamp": "2026-05-23T05:13:35.169271Z"}2026-05-23T05:13:35.169271+00:00https://vulnerability.circl.lu/sighting/32579c91-3e90-4298-888b-e79cc6184ad6/export32579c91-3e90-4298-888b-e79cc6184ad62026-05-27T23:25:48.760474+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "32579c91-3e90-4298-888b-e79cc6184ad6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9256", "type": "seen", "source": "Telegram/tLTaf5zN9aUn_D8KOi_rgxptZENw0EocHmy4bQpa2VASaD8", "content": "", "creation_timestamp": "2026-05-24T09:00:04.000000Z"}2026-05-24T09:00:04+00:00https://vulnerability.circl.lu/sighting/2b0d65c5-054f-4be9-8ca1-c4487376a29b/export2b0d65c5-054f-4be9-8ca1-c4487376a29b2026-05-27T23:25:48.759693+00:00Joseph Leehttps://cve.circl.lu/user/syspect{"uuid": "2b0d65c5-054f-4be9-8ca1-c4487376a29b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-9256", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/cpanel-security-advisory-av26-508", "content": "", "creation_timestamp": "2026-05-25T07:30:43.000000Z"}2026-05-25T07:30:43+00:00https://vulnerability.circl.lu/sighting/d0f7d43c-c5b3-4a44-a758-3aea567a237c/exportd0f7d43c-c5b3-4a44-a758-3aea567a237c2026-05-27T23:25:48.759590+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "d0f7d43c-c5b3-4a44-a758-3aea567a237c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9256", "type": "seen", "source": "https://t.me/bdufstecru/3194", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0434\u0443\u043b\u044f ngx_http_rewrite_module \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 NGINX Plus \u0438 NGINX Open Source \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438\u043b\u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u0430\n\nBDU:2026-07182\nCVE-2026-9256\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://my.f5.com/manage/s/article/K000161377", "creation_timestamp": "2026-05-25T14:46:51.000000Z"}2026-05-25T14:46:51+00:00https://vulnerability.circl.lu/sighting/5f40839a-f4e0-41a1-90c8-4f07d8f288e3/export5f40839a-f4e0-41a1-90c8-4f07d8f288e32026-05-27T23:25:48.759466+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "5f40839a-f4e0-41a1-90c8-4f07d8f288e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9256", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mmoui27mho26", "content": "~Cybergcca~\nCCCS released 7 advisories for IBM, Roundcube, Dell, Ubuntu, CISA ICS, Red Hat, and cPanel.\n-\nIOCs: CVE-2026-9256\n-\n#Patch #ThreatIntel #Vulnerability", "creation_timestamp": "2026-05-25T16:09:56.663682Z"}2026-05-25T16:09:56.663682+00:00https://vulnerability.circl.lu/sighting/e56a475d-524c-499b-922f-7a908b1ccd73/exporte56a475d-524c-499b-922f-7a908b1ccd732026-05-27T23:25:48.758373+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "e56a475d-524c-499b-922f-7a908b1ccd73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9256", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmr375cpjn2h", "content": "\ud83d\udd17 CVE : CVE-2026-9256", "creation_timestamp": "2026-05-26T13:15:33.798628Z"}2026-05-26T13:15:33.798628+00:00