https://vulnerability.circl.lu/sightings/feed 2026-06-30T20:52:54.336515+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/998be5b5-f722-48bf-a7f4-d3f74ffdc869/export 2026-06-30T20:52:54.353170+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "998be5b5-f722-48bf-a7f4-d3f74ffdc869", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41855", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpgur23ar62d", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-41855 \u0432 Spring JMS: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/DA716E2C-B046-415A-AE60-4CB52233D6F0", "creation_timestamp": "2026-06-29T16:09:15.256283Z"} 2026-06-29T16:09:15.256283+00:00 https://vulnerability.circl.lu/sighting/4d022705-31c0-40c9-ae61-4a729f9636a3/export 2026-06-30T20:52:54.356488+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "4d022705-31c0-40c9-ae61-4a729f9636a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41856", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mofrmmqg672x", "content": "\ud83d\udd17 CVE : CVE-2026-41001, CVE-2026-41699, CVE-2026-41700, CVE-2026-41856", "creation_timestamp": "2026-06-16T12:15:15.014265Z"} 2026-06-16T12:15:15.014265+00:00 https://vulnerability.circl.lu/sighting/df0acd39-7052-4fc8-b2a1-70dda62b8c30/export 2026-06-30T20:52:54.356646+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "df0acd39-7052-4fc8-b2a1-70dda62b8c30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41856", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116730653982449979", "content": "\ud83d\udd12 HIGH severity: Spring for GraphQL (v1.0.0 \u2013 2.0.3) is affected by CVE-2026-41856 \u2014 improper access control can bypass security annotations, risking unauthorized access. Review your authorization logic ASAP. https://radar.offseq.com/threat/cve-2026-41856-cwe-284-improper-access-control-in--4879e7fe #OffSeq #SpringSecurity #GraphQL", "creation_timestamp": "2026-06-11T09:00:29.905279Z"} 2026-06-11T09:00:29.905279+00:00 https://vulnerability.circl.lu/sighting/cec747a7-022d-4b5e-ad04-b1e3a6af14cf/export 2026-06-30T20:52:54.356775+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "cec747a7-022d-4b5e-ad04-b1e3a6af14cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41856", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnyufqlyyh2r", "content": "Spring for GraphQL faces a HIGH severity flaw (CVE-2026-41856) \u2014 security annotations may be ignored, risking unauthorized access. Review auth logic ASAP. Versions 1.0.0 \u2013 2.0.3 affected. https://radar.offseq.com/threat/cve-2026-41856-cwe-284-improper-access-control-in--4879e7fe #OffSeq #SpringSe...", "creation_timestamp": "2026-06-11T09:00:29.202536Z"} 2026-06-11T09:00:29.202536+00:00 https://vulnerability.circl.lu/sighting/3aa39cd2-48f7-4449-b0c0-16b0dcc45705/export 2026-06-30T20:52:54.356899+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "3aa39cd2-48f7-4449-b0c0-16b0dcc45705", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41856", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnyr3dgend2x", "content": "\ud83d\udfe0 CVE-2026-41856 - High (7.5)\n\nThe Spring GraphQL annotation detection mechanism for @Controller data fetchers may not correctly...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41856/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-11T08:00:59.240717Z"} 2026-06-11T08:00:59.240717+00:00 https://vulnerability.circl.lu/sighting/14b8ebd3-66f0-42fa-a48c-ea726f672369/export 2026-06-30T20:52:54.357006+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "14b8ebd3-66f0-42fa-a48c-ea726f672369", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41855", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mntmtfbnrf2y", "content": "\ud83d\udfe0 CVE-2026-41855 - High (8.1)\n\nIn an untrusted JMS environment, org.springframework.jms.support.converter.MappingJackson2Message...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41855/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-09T07:01:39.136082Z"} 2026-06-09T07:01:39.136082+00:00 https://vulnerability.circl.lu/sighting/0420ce74-a367-4571-a2b8-f9b8f7dcb2d6/export 2026-06-30T20:52:54.357111+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "0420ce74-a367-4571-a2b8-f9b8f7dcb2d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41850", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mntmt63scm2i", "content": "\ud83d\udfe0 CVE-2026-41850 - High (7.5)\n\nApplications that evaluate user-supplied Spring Expression Language (SpEL) expressions are vulner...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41850/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-09T07:01:31.093011Z"} 2026-06-09T07:01:31.093011+00:00 https://vulnerability.circl.lu/sighting/92eddd54-1b07-42ad-b5b2-01fbbbd361e2/export 2026-06-30T20:52:54.357231+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "92eddd54-1b07-42ad-b5b2-01fbbbd361e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41858", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mnh3utvt5l2a", "content": "BOSH-Ecosystem\u306ewindows-utilities-release\u3067\u3001VM\u8d77\u52d5\u6642\u523b\u3092\u63a8\u5b9a\u3055\u308c\u3001Administrator\u30d1\u30b9\u30ef\u30fc\u30c9\u304c\u63a8\u6e2c\u3055\u308c\u308b\u8106\u5f31\u6027\u3002\nCVE-2026-41858 CVSS 7.5 | HIGH", "creation_timestamp": "2026-06-04T07:26:16.325740Z"} 2026-06-04T07:26:16.325740+00:00 https://vulnerability.circl.lu/sighting/3bde141a-33ab-466c-8d11-d78705701976/export 2026-06-30T20:52:54.357329+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "3bde141a-33ab-466c-8d11-d78705701976", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41859", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnh3pdmm2g26", "content": "CVE-2026-41859 - BOSH NATS Sync Information Disclosure and Credential Theft\nCVE ID : CVE-2026-41859\n \n Published : June 4, 2026, 3:16 a.m. | 3\u00a0hours, 16\u00a0minutes ago\n \n Description : A network man-in-the-middle between nats-sync and the BOSH director can steal the director cred...", "creation_timestamp": "2026-06-04T07:23:11.164039Z"} 2026-06-04T07:23:11.164039+00:00 https://vulnerability.circl.lu/sighting/d1bc362f-f3f8-4b3a-b080-e359e562f6d4/export 2026-06-30T20:52:54.357442+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "d1bc362f-f3f8-4b3a-b080-e359e562f6d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41858", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mngyykjnwv2p", "content": "CVE-2026-41858 - BOSH-Ecosystem windows-utilities-release Weak Randomness Leading to Administrator Password Recovery\nCVE ID : CVE-2026-41858\n \n Published : June 4, 2026, 3:16 a.m. | 3\u00a0hours, 16\u00a0minutes ago\n \n Description : Weak Randomness / Insecure Cryptographic Primitive (CW...", "creation_timestamp": "2026-06-04T06:34:39.742559Z"} 2026-06-04T06:34:39.742559+00:00