Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-29T06:28:34.045048+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/e92f2d48-9c2e-4a6e-a6f7-5044ccedf511/export e92f2d48-9c2e-4a6e-a6f7-5044ccedf511 2026-06-29T06:28:34.075234+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "e92f2d48-9c2e-4a6e-a6f7-5044ccedf511", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/sen-perimetered.bsky.social/post/3moj2sy35gb2a", "content": "CVE-2026-10520 \u2014 Ivanti Sentry. Unauthenticated OS command injection \u2192 root RCE. CISA KEV deadline passed June 14. Vector: externally reachable MDM gateway. If the appliance isn't behind mTLS or Neurons for MDM, it's exposed. Patch or disconnect.", "creation_timestamp": "2026-06-17T19:37:50.416366Z"} 2026-06-17T19:37:50.416366+00:00 https://vulnerability.circl.lu/sighting/6fa3cfba-2437-4de8-a92f-810773ef9da6/export 6fa3cfba-2437-4de8-a92f-810773ef9da6 2026-06-29T06:28:34.075145+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "6fa3cfba-2437-4de8-a92f-810773ef9da6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-06-18)", "content": "", "creation_timestamp": "2026-06-18T00:00:00.000000Z"} 2026-06-18T00:00:00+00:00 https://vulnerability.circl.lu/sighting/71d522a5-0b6d-422c-a539-3ba20230d8ad/export 71d522a5-0b6d-422c-a539-3ba20230d8ad 2026-06-29T06:28:34.075051+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "71d522a5-0b6d-422c-a539-3ba20230d8ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/newstecnicas.com/post/3mold76bpv22p", "content": "\ud83d\udee1\ufe0f Manual T\u00e9cnico de Mitigaci\u00f3n: #Vulnerabilidades CVE-2026-10520 y CVE-2026-10523 en Ivanti Sentry www.newstecnicas.com/2026/06/manu...", "creation_timestamp": "2026-06-18T17:13:12.600303Z"} 2026-06-18T17:13:12.600303+00:00 https://vulnerability.circl.lu/sighting/7905a807-dcb5-450d-934b-e02ff6e95077/export 7905a807-dcb5-450d-934b-e02ff6e95077 2026-06-29T06:28:34.074961+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "7905a807-dcb5-450d-934b-e02ff6e95077", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-06-19)", "content": "", "creation_timestamp": "2026-06-19T00:00:00.000000Z"} 2026-06-19T00:00:00+00:00 https://vulnerability.circl.lu/sighting/5edee708-a9f0-49a8-b0b2-bceb078e8807/export 5edee708-a9f0-49a8-b0b2-bceb078e8807 2026-06-29T06:28:34.074866+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "5edee708-a9f0-49a8-b0b2-bceb078e8807", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mona64h35v27", "content": "Cisco, Chrome, Exchange - one week, four critical CVEs. Attackers are weaving them into chains before most teams finish patching the first.\n\nCVE-2026-10520 in Chrome.\n\nhttps://www.yazoul.net/news/article/2026-w24-weekly-threat-roundup/\n\n#CVE #CyberSecurity", "creation_timestamp": "2026-06-19T11:24:12.009213Z"} 2026-06-19T11:24:12.009213+00:00 https://vulnerability.circl.lu/sighting/f2bc98bf-d3a3-4945-b54a-341941cc613b/export f2bc98bf-d3a3-4945-b54a-341941cc613b 2026-06-29T06:28:34.074775+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "f2bc98bf-d3a3-4945-b54a-341941cc613b", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/a47e58e9-cec3-49eb-a773-e90d0232fa1a", "content": "", "creation_timestamp": "2026-06-19T12:45:07.531932Z"} 2026-06-19T12:45:07.531932+00:00 https://vulnerability.circl.lu/sighting/360bc284-0c27-48da-9ee6-8e9616159356/export 360bc284-0c27-48da-9ee6-8e9616159356 2026-06-29T06:28:34.074678+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "360bc284-0c27-48da-9ee6-8e9616159356", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/patrickcmiller.bsky.social/post/3moomqqrcur2t", "content": "More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) labs.watchtowr.com/more-evidenc...", "creation_timestamp": "2026-06-20T00:42:02.174335Z"} 2026-06-20T00:42:02.174335+00:00 https://vulnerability.circl.lu/sighting/7e01942a-b15f-425e-a8cf-e6430c35d30f/export 7e01942a-b15f-425e-a8cf-e6430c35d30f 2026-06-29T06:28:34.074571+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "7e01942a-b15f-425e-a8cf-e6430c35d30f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mos63ixquk2v", "content": "\u26a0\ufe0f Four CVEs. Three breach reports. One week.\n\nCVE-2026-10520 in Chrome.\nCVE-2026-11645 in Cisco.\nCVE-2026-25089 in Exchange.\nCVE-2026-35273 in Google.\n\nhttps://www.yazoul.net/news/article/2026-w24-weekly-threat-roundup/\n\n#CyberSecurity #PatchNow", "creation_timestamp": "2026-06-21T10:30:16.253823Z"} 2026-06-21T10:30:16.253823+00:00 https://vulnerability.circl.lu/sighting/eca191ef-e68c-4a6d-84a9-950784ad026e/export eca191ef-e68c-4a6d-84a9-950784ad026e 2026-06-29T06:28:34.074423+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "eca191ef-e68c-4a6d-84a9-950784ad026e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mov6orc5l22z", "content": "Stood up an Ivanti Sentry honeypot for 5 days post-CISA-KEV (CVE-2026-10520). They bombarded the snot out of it...\n\none ran a toolkit, another hand-ran 362 commands and hashed their own SSH implant to confirm it stuck, another gsocket...\n\ncyfar.ca/engagements/...", "creation_timestamp": "2026-06-22T15:19:02.273324Z"} 2026-06-22T15:19:02.273324+00:00 https://vulnerability.circl.lu/sighting/91a9916f-bdff-4af9-9f04-37692d8d2567/export 91a9916f-bdff-4af9-9f04-37692d8d2567 2026-06-29T06:28:34.072126+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "91a9916f-bdff-4af9-9f04-37692d8d2567", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10520", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0064d242-0ee1-4d90-807e-e7aa6abae62e", "content": "", "creation_timestamp": "2026-06-23T14:02:58.312059Z"} 2026-06-23T14:02:58.312059+00:00