<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-12T23:13:00.079768+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/92241f74-9bb1-4c15-a1f3-dfe9156270a2/export</id>
    <title>92241f74-9bb1-4c15-a1f3-dfe9156270a2</title>
    <updated>2026-07-12T23:13:00.104188+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "92241f74-9bb1-4c15-a1f3-dfe9156270a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41880", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqd3brx24f2e", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-41880 \u0432 R-SOFT DMS: \u0443\u0433\u0440\u043e\u0437\u0430 OS Command Injection \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 OCR\n\n\n\nhttps://kripta.biz/posts/3DFBCB9E-3018-43AB-B580-7A3CACDD274F", "creation_timestamp": "2026-07-10T21:20:32.547148Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/92241f74-9bb1-4c15-a1f3-dfe9156270a2/export"/>
    <published>2026-07-10T21:20:32.547148+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/998dfd67-e6de-481f-93a9-97505012979c/export</id>
    <title>998dfd67-e6de-481f-93a9-97505012979c</title>
    <updated>2026-07-12T23:13:00.106953+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cve.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "998dfd67-e6de-481f-93a9-97505012979c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-41880", "type": "seen", "source": "https://cert.pl/en/posts/2026/07/CVE-2026-41876", "content": "", "creation_timestamp": "2026-07-10T16:15:05.662442Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/998dfd67-e6de-481f-93a9-97505012979c/export"/>
    <published>2026-07-10T16:15:05.662442+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/11bfc150-8bdc-4577-8f92-d99fdf7b9a0a/export</id>
    <title>11bfc150-8bdc-4577-8f92-d99fdf7b9a0a</title>
    <updated>2026-07-12T23:13:00.108801+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "11bfc150-8bdc-4577-8f92-d99fdf7b9a0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41880", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqcdu6sfwq2e", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-41880 \u0432 R-SOFT DMS: \u0443\u0433\u0440\u043e\u0437\u0430 OS Command Injection \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 \u0440\u0430\u0441\u043f\u043e\u0437\u043d\u0430\u0432\u0430\u043d\u0438\u044f \u0442\u0435\u043a\u0441\u0442\u0430\n\n\n\nhttps://kripta.biz/posts/F61B40B1-6651-4D57-A411-F4C7B52835FC", "creation_timestamp": "2026-07-10T14:21:19.835572Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/11bfc150-8bdc-4577-8f92-d99fdf7b9a0a/export"/>
    <published>2026-07-10T14:21:19.835572+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d5716a4c-ca24-4ec4-906f-c8a5728ff69d/export</id>
    <title>d5716a4c-ca24-4ec4-906f-c8a5728ff69d</title>
    <updated>2026-07-12T23:13:00.108935+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d5716a4c-ca24-4ec4-906f-c8a5728ff69d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41880", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqc6lxopmc2x", "content": "CVE-2026-41880 - OS Command Injection in R-SOFT DMS\nCVE ID : CVE-2026-41880\n \n Published : July 10, 2026, 10:16 a.m. | 1\u00a0hour, 32\u00a0minutes ago\n \n Description : R-SOFT DMS is vulnerable to\u00a0OS Command Injection in the Optical Character Recognition (OCR) module. Multiple command e...", "creation_timestamp": "2026-07-10T12:47:15.405587Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d5716a4c-ca24-4ec4-906f-c8a5728ff69d/export"/>
    <published>2026-07-10T12:47:15.405587+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e43f28d0-62db-442b-8326-3153ddb8878c/export</id>
    <title>e43f28d0-62db-442b-8326-3153ddb8878c</title>
    <updated>2026-07-12T23:13:00.109041+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e43f28d0-62db-442b-8326-3153ddb8878c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41880", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqc3ykh4gg24", "content": "CVE-2026-41880: CRITICAL OS Command Injection in R-SOFT SERWIS DMS OCR module. Authenticated attackers can gain root via crafted uploads. Patch to v3.19-2862/3.17-2580 now. https://radar.offseq.com/threat/cve-2026-41880-cwe-78-improper-neutralization-of-s-9acc4d130ed96ca2 #OffSeq #infosec #CVE202...", "creation_timestamp": "2026-07-10T12:00:37.059319Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e43f28d0-62db-442b-8326-3153ddb8878c/export"/>
    <published>2026-07-10T12:00:37.059319+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bfe80ffc-9f84-48cf-97a3-f408f749b9e1/export</id>
    <title>bfe80ffc-9f84-48cf-97a3-f408f749b9e1</title>
    <updated>2026-07-12T23:13:00.109149+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "bfe80ffc-9f84-48cf-97a3-f408f749b9e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41880", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116895569307199764", "content": "CVE-2026-41880 | CRITICAL OS Command Injection in R-SOFT SERWIS DMS OCR module. Authenticated users can execute root commands via crafted uploads. Patched in v3.19-2862/3.17-2580. Upgrade now: https://radar.offseq.com/threat/cve-2026-41880-cwe-78-improper-neutralization-of-s-9acc4d130ed96ca2 #OffSeq #infosec #vulnerability #CVE202641880", "creation_timestamp": "2026-07-10T12:00:35.221298Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bfe80ffc-9f84-48cf-97a3-f408f749b9e1/export"/>
    <published>2026-07-10T12:00:35.221298+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ffbe42a9-48cd-4ed0-89cd-37113e7cbae3/export</id>
    <title>ffbe42a9-48cd-4ed0-89cd-37113e7cbae3</title>
    <updated>2026-07-12T23:13:00.109249+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ffbe42a9-48cd-4ed0-89cd-37113e7cbae3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41880", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqbz2mejxm2h", "content": "CVE-2026-41880 - dms\nAn attacker can upload a malicious file to R-SOFT DMS and execute system commands as the root user. This can allow unauthorized access to the system and potentially lead to data theft or system\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#dms #CVE #infosec", "creation_timestamp": "2026-07-10T11:08:04.261107Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ffbe42a9-48cd-4ed0-89cd-37113e7cbae3/export"/>
    <published>2026-07-10T11:08:04.261107+00:00</published>
  </entry>
</feed>
