<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-02T10:37:40.660532+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/eee79fb7-9d57-4fdf-af97-6837a9df4026/export</id>
    <title>eee79fb7-9d57-4fdf-af97-6837a9df4026</title>
    <updated>2026-07-02T10:37:40.683335+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "eee79fb7-9d57-4fdf-af97-6837a9df4026", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11525", "type": "seen", "source": "https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mozuke5jad2f", "content": "\n\ud83d\udea8 New LOW CVE detected in AWS Lambda \ud83d\udea8\nCVE-2026-11525 impacts undici in 1 Lambda base images.\n\nDetails: https://github.com/aws/aws-lambda-base-images/issues/581\nMore: https://lambdawatchdog.com/\n\n#AWS #Lambda #CVE #CloudSecurity #Serverless", "creation_timestamp": "2026-06-24T12:00:54.980245Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/eee79fb7-9d57-4fdf-af97-6837a9df4026/export"/>
    <published>2026-06-24T12:00:54.980245+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/9b5c092e-4950-4992-b569-7710744067ec/export</id>
    <title>9b5c092e-4950-4992-b569-7710744067ec</title>
    <updated>2026-07-02T10:37:40.686464+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "9b5c092e-4950-4992-b569-7710744067ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11525", "type": "seen", "source": "https://bsky.app/profile/lambdawatchdog.bsky.social/post/3moxe4wehti2x", "content": "\n\ud83d\udea8 New LOW CVE detected in AWS Lambda \ud83d\udea8\nCVE-2026-11525 impacts undici in 1 Lambda base images.\n\nDetails: https://github.com/aws/aws-lambda-base-images/issues/580\nMore: https://lambdawatchdog.com/\n\n#AWS #Lambda #CVE #CloudSecurity #Serverless", "creation_timestamp": "2026-06-23T12:01:44.295826Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/9b5c092e-4950-4992-b569-7710744067ec/export"/>
    <published>2026-06-23T12:01:44.295826+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3cb93659-856f-49f9-a3cc-0d004a1f9277/export</id>
    <title>3cb93659-856f-49f9-a3cc-0d004a1f9277</title>
    <updated>2026-07-02T10:37:40.686658+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3cb93659-856f-49f9-a3cc-0d004a1f9277", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11527", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mosekpzves2i", "content": "CVE-2026-11527: falha no libconfig-inifiles-perl do #Debian / #Ubuntu permite inje\u00e7\u00e3o de comandos via nomes de arquivo maliciosos.   Saiba mais: -&amp;gt;  tinyurl.com/u534n7ye", "creation_timestamp": "2026-06-21T12:26:09.978843Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3cb93659-856f-49f9-a3cc-0d004a1f9277/export"/>
    <published>2026-06-21T12:26:09.978843+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/2f6f756b-0472-4779-8b9f-e08719cafa33/export</id>
    <title>2f6f756b-0472-4779-8b9f-e08719cafa33</title>
    <updated>2026-07-02T10:37:40.686789+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "2f6f756b-0472-4779-8b9f-e08719cafa33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11527", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mosekpb6ec2i", "content": "CVE-2026-11527: falha no libconfig-inifiles-perl do #Debian / #Ubuntu permite inje\u00e7\u00e3o de comandos via nomes de arquivo maliciosos.   Saiba mais: -&amp;gt;  tinyurl.com/u534n7ye", "creation_timestamp": "2026-06-21T12:26:09.436062Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/2f6f756b-0472-4779-8b9f-e08719cafa33/export"/>
    <published>2026-06-21T12:26:09.436062+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/016e2496-f040-4be0-b114-72d72ce6c4d2/export</id>
    <title>016e2496-f040-4be0-b114-72d72ce6c4d2</title>
    <updated>2026-07-02T10:37:40.686910+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "016e2496-f040-4be0-b114-72d72ce6c4d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11525", "type": "seen", "source": "https://bsky.app/profile/nodeland.dev/post/3mol72ndrtt2r", "content": "\ud83d\udd35 Low: SameSite downgrade (CVE-2026-11525).\nSubstring matching meant `SameSite=NoneOfYourBusiness` parsed as `None` and `StrictLax` as `Lax`, silently weakening cookie policies. v6/v7/v8.", "creation_timestamp": "2026-06-18T15:59:06.190352Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/016e2496-f040-4be0-b114-72d72ce6c4d2/export"/>
    <published>2026-06-18T15:59:06.190352+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/1a6603a6-7f60-4539-8209-94f722390f0b/export</id>
    <title>1a6603a6-7f60-4539-8209-94f722390f0b</title>
    <updated>2026-07-02T10:37:40.687032+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "1a6603a6-7f60-4539-8209-94f722390f0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11525", "type": "seen", "source": "https://bsky.app/profile/ulisesgascon.com/post/3moitvr3dbc2g", "content": "\ud83d\udea8 Low-severity security fix in undici (6.26.0, 7.28.0, 8.5.0) just released!\n\nPatches CVE-2026-11525. undici vulnerable to Set-Cookie SameSite attribute downgrade via permissive substring matching.\n\ngithub.com/nodejs/undic...", "creation_timestamp": "2026-06-17T17:34:09.494193Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/1a6603a6-7f60-4539-8209-94f722390f0b/export"/>
    <published>2026-06-17T17:34:09.494193+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/04c7c49d-cb2a-4ea7-ac44-b742e2efb3a6/export</id>
    <title>04c7c49d-cb2a-4ea7-ac44-b742e2efb3a6</title>
    <updated>2026-07-02T10:37:40.687150+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "04c7c49d-cb2a-4ea7-ac44-b742e2efb3a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11526", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3moid7skjpc2b", "content": "\u26a0\ufe0f CVE-2026-11526: falha cr\u00edtica no libgd-perl permite execu\u00e7\u00e3o de comandos no #Debian. Vers\u00e3o corrigida: 2.78-1+deb13u1.  Saiba mais: -&amp;gt;  tinyurl.com/ja7274nf", "creation_timestamp": "2026-06-17T12:35:33.801233Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/04c7c49d-cb2a-4ea7-ac44-b742e2efb3a6/export"/>
    <published>2026-06-17T12:35:33.801233+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b7fb9b42-f3e6-47a4-be79-5f249f48fb2d/export</id>
    <title>b7fb9b42-f3e6-47a4-be79-5f249f48fb2d</title>
    <updated>2026-07-02T10:37:40.687251+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b7fb9b42-f3e6-47a4-be79-5f249f48fb2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11526", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3moid7rl3ts2b", "content": "\u26a0\ufe0f CVE-2026-11526: falha cr\u00edtica no libgd-perl permite execu\u00e7\u00e3o de comandos no #Debian. Vers\u00e3o corrigida: 2.78-1+deb13u1.  Saiba mais: -&amp;gt;  tinyurl.com/ja7274nf", "creation_timestamp": "2026-06-17T12:35:33.269992Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b7fb9b42-f3e6-47a4-be79-5f249f48fb2d/export"/>
    <published>2026-06-17T12:35:33.269992+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/16e19ae6-287e-4823-8aef-92916b491e88/export</id>
    <title>16e19ae6-287e-4823-8aef-92916b491e88</title>
    <updated>2026-07-02T10:37:40.687351+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "16e19ae6-287e-4823-8aef-92916b491e88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11526", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3mog3r7wvp42j", "content": "Perl's GD module patched CVE-2026-11526 in 2.86: passing a filename that begins or ends with a pipe to an image constructor could execute a shell command, thanks to 2-arg open(). The fix uses 3-arg open. When did you last audit your open() calls?\n#Perl", "creation_timestamp": "2026-06-16T15:16:46.264527Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/16e19ae6-287e-4823-8aef-92916b491e88/export"/>
    <published>2026-06-16T15:16:46.264527+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/dae129e2-f896-46db-a1a3-94bdde4e73d0/export</id>
    <title>dae129e2-f896-46db-a1a3-94bdde4e73d0</title>
    <updated>2026-07-02T10:37:40.687453+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "dae129e2-f896-46db-a1a3-94bdde4e73d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11526", "type": "seen", "source": "https://bsky.app/profile/cybersecinsight.bsky.social/post/3mod763bfml2v", "content": "\ud83d\udd0d Vulnerability Spotlight | Part 2/3\n\n\u26a0\ufe0f CVE-2026-11526\n\nGD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle.\n\nGD::I...", "creation_timestamp": "2026-06-15T11:39:39.627065Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/dae129e2-f896-46db-a1a3-94bdde4e73d0/export"/>
    <published>2026-06-15T11:39:39.627065+00:00</published>
  </entry>
</feed>
