<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-12T13:48:15.439892+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/23f1dc4b-9cb3-49ec-8ed4-8e3a1d8b4c68/export</id>
    <title>23f1dc4b-9cb3-49ec-8ed4-8e3a1d8b4c68</title>
    <updated>2026-07-12T13:48:15.475827+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "23f1dc4b-9cb3-49ec-8ed4-8e3a1d8b4c68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41264", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mqdjfnoyfi22", "content": "CVE-2026-41264: FlowiseAI's New Exploit Highlights Persistent Security Gaps #CVE2026 #FlowiseAI #CyberSecurity", "creation_timestamp": "2026-07-11T01:33:15.104252Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/23f1dc4b-9cb3-49ec-8ed4-8e3a1d8b4c68/export"/>
    <published>2026-07-11T01:33:15.104252+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6227aa2b-cf53-4ff1-9b5b-614c9fdff6ba/export</id>
    <title>6227aa2b-cf53-4ff1-9b5b-614c9fdff6ba</title>
    <updated>2026-07-12T13:48:15.477868+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6227aa2b-cf53-4ff1-9b5b-614c9fdff6ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41264", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mqdjfjxcqo2o", "content": "CVE-2026-41264 Exposes FlowiseAI CSV Agent to Unauthenticated Attacks #CVE2026 #FlowiseAI #CyberSecurity", "creation_timestamp": "2026-07-11T01:33:11.535370Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6227aa2b-cf53-4ff1-9b5b-614c9fdff6ba/export"/>
    <published>2026-07-11T01:33:11.535370+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/db25d551-21af-4432-8e67-1070c48feff9/export</id>
    <title>db25d551-21af-4432-8e67-1070c48feff9</title>
    <updated>2026-07-12T13:48:15.478012+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "db25d551-21af-4432-8e67-1070c48feff9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41264", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mqdjfgcx4g2o", "content": "CVE-2024-27822 and CVE-2026-41264 Expose Flaws in FlowiseAI and macOS \u2013 Who's Counting the Costs? #CVE2024 #CVE2026 #FlowiseAI", "creation_timestamp": "2026-07-11T01:33:07.177134Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/db25d551-21af-4432-8e67-1070c48feff9/export"/>
    <published>2026-07-11T01:33:07.177134+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/8f55eec6-40a9-452e-ad14-e67073622a4e/export</id>
    <title>8f55eec6-40a9-452e-ad14-e67073622a4e</title>
    <updated>2026-07-12T13:48:15.478118+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "8f55eec6-40a9-452e-ad14-e67073622a4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41264", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mqdjfcsjhg2o", "content": "CVE-2026-41264 and CVE-2024-27822: Flawed Protections Expose Real Threats #CVE2026 #CVE2024 #CyberSecurity", "creation_timestamp": "2026-07-11T01:33:03.434249Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/8f55eec6-40a9-452e-ad14-e67073622a4e/export"/>
    <published>2026-07-11T01:33:03.434249+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/8db89b68-e1c0-46c6-8410-856394f71abe/export</id>
    <title>8db89b68-e1c0-46c6-8410-856394f71abe</title>
    <updated>2026-07-12T13:48:15.478217+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "8db89b68-e1c0-46c6-8410-856394f71abe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41264", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mqdjf6uyrm2p", "content": "CVE-2026-41264: FlowiseAI's Deep Flaw Offers Attackers Arbitrary Code Execution #CVE2026 #CyberSecurity #Vulnerability", "creation_timestamp": "2026-07-11T01:32:59.618546Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/8db89b68-e1c0-46c6-8410-856394f71abe/export"/>
    <published>2026-07-11T01:32:59.618546+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/28c999b9-2dbc-406e-b1e6-65f2dc4a71ec/export</id>
    <title>28c999b9-2dbc-406e-b1e6-65f2dc4a71ec</title>
    <updated>2026-07-12T13:48:15.478312+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "28c999b9-2dbc-406e-b1e6-65f2dc4a71ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41264", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/flowise_auth_rce_cve_2026_41264.rb", "content": "{\"aliases\": [], \"arch\": \"cmd\", \"author\": [\"zdi-disclosures\", \"Takahiro Yokoyama\"], \"autofilter_ports\": [80, 8080, 443, 8000, 8888, 8880, 8008, 3000, 8443], \"autofilter_services\": [\"http\", \"https\"], \"check\": true, \"default_credential\": false, \"description\": \"This vulnerability allows remote attackers to execute arbitrary code on affected installations of FlowiseAI Flowise.\\n          Authentication is not required to exploit this vulnerability.\\n\\n          The specific flaw exists within the run method of the CSV_Agents class.\\n          The issue results from the lack of proper sandboxing when evaluating an LLM generated python script.\\n          An attacker can leverage this vulnerability to execute code in the context of the user running the server.\", \"disclosure_date\": \"2026-04-22\", \"fullname\": \"exploit/multi/http/flowise_auth_rce_cve_2026_41264\", \"is_install_path\": true, \"mod_time\": \"2026-06-06 12:25:07 +0000\", \"name\": \"Flowise CSV Agent Prompt Injection RCE\", \"needs_cleanup\": null, \"notes\": {\"Reliability\": [\"repeatable-session\"], \"SideEffects\": [\"ioc-in-logs\"], \"Stability\": [\"crash-safe\"]}, \"path\": \"/modules/exploits/multi/http/flowise_auth_rce_cve_2026_41264.rb\", \"platform\": \"Linux,Unix,Windows\", \"post_auth\": false, \"rank\": 600, \"ref_name\": \"multi/http/flowise_auth_rce_cve_2026_41264\", \"references\": [\"CVE-2026-41264\", \"GHSA-3hjv-c53m-58jj\"], \"rport\": 3000, \"session_types\": false, \"targets\": [\"Linux Command\", \"Windows Command\"], \"type\": \"exploit\"}", "creation_timestamp": "2026-07-05T07:55:59.725929Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/28c999b9-2dbc-406e-b1e6-65f2dc4a71ec/export"/>
    <published>2026-07-05T07:55:59.725929+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/da99882a-a9da-4ecf-8a20-6b8d051e6180/export</id>
    <title>da99882a-a9da-4ecf-8a20-6b8d051e6180</title>
    <updated>2026-07-12T13:48:15.478430+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "da99882a-a9da-4ecf-8a20-6b8d051e6180", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41264", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/flowise_auth_rce_cve_2026_41264.rb", "content": "{\"aliases\": [], \"arch\": \"cmd\", \"author\": [\"zdi-disclosures\", \"Takahiro Yokoyama\"], \"autofilter_ports\": [80, 8080, 443, 8000, 8888, 8880, 8008, 3000, 8443], \"autofilter_services\": [\"http\", \"https\"], \"check\": true, \"default_credential\": false, \"description\": \"This vulnerability allows remote attackers to execute arbitrary code on affected installations of FlowiseAI Flowise.\\n          Authentication is not required to exploit this vulnerability.\\n\\n          The specific flaw exists within the run method of the CSV_Agents class.\\n          The issue results from the lack of proper sandboxing when evaluating an LLM generated python script.\\n          An attacker can leverage this vulnerability to execute code in the context of the user running the server.\", \"disclosure_date\": \"2026-04-22\", \"fullname\": \"exploit/multi/http/flowise_auth_rce_cve_2026_41264\", \"is_install_path\": true, \"mod_time\": \"2026-06-06 12:25:07 +0000\", \"name\": \"Flowise CSV Agent Prompt Injection RCE\", \"needs_cleanup\": null, \"notes\": {\"Reliability\": [\"repeatable-session\"], \"SideEffects\": [\"ioc-in-logs\"], \"Stability\": [\"crash-safe\"]}, \"path\": \"/modules/exploits/multi/http/flowise_auth_rce_cve_2026_41264.rb\", \"platform\": \"Linux,Unix,Windows\", \"post_auth\": false, \"rank\": 600, \"ref_name\": \"multi/http/flowise_auth_rce_cve_2026_41264\", \"references\": [\"CVE-2026-41264\", \"GHSA-3hjv-c53m-58jj\"], \"rport\": 3000, \"session_types\": false, \"targets\": [\"Linux Command\", \"Windows Command\"], \"type\": \"exploit\"}", "creation_timestamp": "2026-07-03T08:40:03.367903Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/da99882a-a9da-4ecf-8a20-6b8d051e6180/export"/>
    <published>2026-07-03T08:40:03.367903+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f588181e-64ae-4b43-9b51-da32c8f87572/export</id>
    <title>f588181e-64ae-4b43-9b51-da32c8f87572</title>
    <updated>2026-07-12T13:48:15.478549+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cve.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "f588181e-64ae-4b43-9b51-da32c8f87572", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-41262", "type": "published-proof-of-concept", "source": "https://github.com/fleetdm/fleet/security/advisories/GHSA-gm7f-v959-fr2g", "content": "", "creation_timestamp": "2026-06-26T22:35:37.463698Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f588181e-64ae-4b43-9b51-da32c8f87572/export"/>
    <published>2026-06-26T22:35:37.463698+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c23f149b-252d-40dc-8186-437b3e478dce/export</id>
    <title>c23f149b-252d-40dc-8186-437b3e478dce</title>
    <updated>2026-07-12T13:48:15.480046+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c23f149b-252d-40dc-8186-437b3e478dce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41263", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mkqpzycnet2q", "content": "CVE-2026-41263 - Traefik: BasicAuth middleware: timing side-channel vulnerability\nCVE ID : CVE-2026-41263\n \n Published : April 30, 2026, 9:16 p.m. | 1\u00a0hour, 2\u00a0minutes ago\n \n Description : Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, an...", "creation_timestamp": "2026-04-30T23:05:25.891616Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c23f149b-252d-40dc-8186-437b3e478dce/export"/>
    <published>2026-04-30T23:05:25.891616+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b8e8d750-5889-4940-92b7-cf50e6fd3cc6/export</id>
    <title>b8e8d750-5889-4940-92b7-cf50e6fd3cc6</title>
    <updated>2026-07-12T13:48:15.480165+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b8e8d750-5889-4940-92b7-cf50e6fd3cc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41267", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mkfcol2w4r2o", "content": "", "creation_timestamp": "2026-04-26T10:07:07.969747Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b8e8d750-5889-4940-92b7-cf50e6fd3cc6/export"/>
    <published>2026-04-26T10:07:07.969747+00:00</published>
  </entry>
</feed>
