<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-13T12:58:40.178818+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c4206f0c-9ec2-45e0-98e8-bdf9231c2012/export</id>
    <title>c4206f0c-9ec2-45e0-98e8-bdf9231c2012</title>
    <updated>2026-07-13T12:58:40.200608+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c4206f0c-9ec2-45e0-98e8-bdf9231c2012", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20744", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqemgu5tlq2k", "content": "\ud83d\udd34 CVE-2026-20744 - Critical (9.8)\n\nThe charging station websocket endpoint accepts connections without \nproper authentication, which...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-20744/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-11T12:00:16.173516Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c4206f0c-9ec2-45e0-98e8-bdf9231c2012/export"/>
    <published>2026-07-11T12:00:16.173516+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6997ac4f-77a1-4e0c-9bda-b5cea697887b/export</id>
    <title>6997ac4f-77a1-4e0c-9bda-b5cea697887b</title>
    <updated>2026-07-13T12:58:40.203246+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6997ac4f-77a1-4e0c-9bda-b5cea697887b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20744", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdratnm4d27", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-20744: \u041d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0432\u0435\u0431-\u0441\u043e\u043a\u0435\u0442\u043d\u043e\u043c\u0443 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u0437\u0430\u0440\u044f\u0434\u043d\u044b\u0445 \u0441\u0442\u0430\u043d\u0446\u0438\u0439\n\n\n\nhttps://kripta.biz/posts/1AA7653E-01E0-414D-BDA7-88B0AE4EC205", "creation_timestamp": "2026-07-11T03:53:42.817837Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6997ac4f-77a1-4e0c-9bda-b5cea697887b/export"/>
    <published>2026-07-11T03:53:42.817837+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f22db711-f863-4dc8-ac25-19c9485236b8/export</id>
    <title>f22db711-f863-4dc8-ac25-19c9485236b8</title>
    <updated>2026-07-13T12:58:40.203441+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f22db711-f863-4dc8-ac25-19c9485236b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20744", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqdgsn62rd24", "content": "CVE-2026-20744 - Hydro-Qu\u00e9bec Le Circuit Electrique charging station backend Improper Access Control\nCVE ID : CVE-2026-20744\n \n Published : July 10, 2026, 11:16 p.m. | 32\u00a0minutes ago\n \n Description : The charging station websocket endpoint accepts connections without \nproper a...", "creation_timestamp": "2026-07-11T00:46:48.836321Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f22db711-f863-4dc8-ac25-19c9485236b8/export"/>
    <published>2026-07-11T00:46:48.836321+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/97e63f7c-4eaf-4f5e-adfa-c523ef6c0aca/export</id>
    <title>97e63f7c-4eaf-4f5e-adfa-c523ef6c0aca</title>
    <updated>2026-07-13T12:58:40.203605+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "97e63f7c-4eaf-4f5e-adfa-c523ef6c0aca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20744", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqdf7b44242w", "content": "CVE-2026-20744\nThe charging station's websocket endpoint doesn't require authentication, allowing unauthorized users to potentially gain higher access levels. This could lead to unauthorized access to sensitive charging\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-11T00:18:05.216666Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/97e63f7c-4eaf-4f5e-adfa-c523ef6c0aca/export"/>
    <published>2026-07-11T00:18:05.216666+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/33f94021-30cb-4d30-844e-728aaef53562/export</id>
    <title>33f94021-30cb-4d30-844e-728aaef53562</title>
    <updated>2026-07-13T12:58:40.203745+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "33f94021-30cb-4d30-844e-728aaef53562", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20744", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqdea35kfd24", "content": "Hydro-Qu\u00e9bec Le Circuit Electrique backend CRITICAL vuln (CVSS 9.8): Unauthenticated websocket lets attackers escalate privileges. Restrict access &amp;amp; monitor until patch available. https://radar.offseq.com/threat/cve-2026-20744-cwe-284-in-hydro-qubec-le-circuit-e-bd15f6a4c1c3953e #OffSeq #CVE20262...", "creation_timestamp": "2026-07-11T00:00:45.132669Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/33f94021-30cb-4d30-844e-728aaef53562/export"/>
    <published>2026-07-11T00:00:45.132669+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/8653a38f-7842-4164-a7dc-ea29d1921ef9/export</id>
    <title>8653a38f-7842-4164-a7dc-ea29d1921ef9</title>
    <updated>2026-07-13T12:58:40.203891+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "8653a38f-7842-4164-a7dc-ea29d1921ef9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20744", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116898400596472098", "content": "CVE-2026-20744 (CRITICAL, CVSS 9.8): Hydro-Qu\u00e9bec Le Circuit Electrique backend websocket lacks auth, allowing privilege escalation. No patch available. Restrict access &amp;amp; monitor connections. https://radar.offseq.com/threat/cve-2026-20744-cwe-284-in-hydro-qubec-le-circuit-e-bd15f6a4c1c3953e #OffSeq #CVE202620744 #ICS #Vulnerability", "creation_timestamp": "2026-07-11T00:00:38.029789Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/8653a38f-7842-4164-a7dc-ea29d1921ef9/export"/>
    <published>2026-07-11T00:00:38.029789+00:00</published>
  </entry>
</feed>
