<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-15T17:15:53.290208+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/521a123e-7f0b-45d2-b77d-87e58f235cad/export</id>
    <title>521a123e-7f0b-45d2-b77d-87e58f235cad</title>
    <updated>2026-07-15T17:15:53.317148+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "521a123e-7f0b-45d2-b77d-87e58f235cad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42496", "type": "seen", "source": "https://bsky.app/profile/gcpweekly.bsky.social/post/3mqp5ww6arr2m", "content": "Yes Critical (9.1) CVE-2026-39831 Yes Yes Yes Yes Critical (9.1) CVE-2026-39832 Yes Yes Yes Yes Critical (9.1) CVE-2026-39833 Yes Yes Yes Yes Critical (9.1) CVE-2026-39834 Yes Yes Yes Yes Critical (9.1) CVE-2026-42496 Yes Yes No Yes Medium (9.1) CVE-2026-42508 Yes Yes Yes", "creation_timestamp": "2026-07-15T16:40:08.394683Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/521a123e-7f0b-45d2-b77d-87e58f235cad/export"/>
    <published>2026-07-15T16:40:08.394683+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c0bc9121-867f-4b61-9f88-a3996566d70f/export</id>
    <title>c0bc9121-867f-4b61-9f88-a3996566d70f</title>
    <updated>2026-07-15T17:15:53.318627+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c0bc9121-867f-4b61-9f88-a3996566d70f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42491", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mqovuc3ajs2u", "content": "\ud83d\udd17 CVE : CVE-2026-42491", "creation_timestamp": "2026-07-15T14:15:30.021522Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c0bc9121-867f-4b61-9f88-a3996566d70f/export"/>
    <published>2026-07-15T14:15:30.021522+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/2c132b74-ebff-4960-b46d-13b9ec5a2237/export</id>
    <title>2c132b74-ebff-4960-b46d-13b9ec5a2237</title>
    <updated>2026-07-15T17:15:53.318749+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "2c132b74-ebff-4960-b46d-13b9ec5a2237", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42491", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mqovu3ew4h2c", "content": "\ud83d\udd17 CVE : CVE-2026-42491, CVE-2026-53565, CVE-2026-53566", "creation_timestamp": "2026-07-15T14:15:26.514165Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/2c132b74-ebff-4960-b46d-13b9ec5a2237/export"/>
    <published>2026-07-15T14:15:26.514165+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a87bb731-4ce0-44d7-b78c-9d4684d05645/export</id>
    <title>a87bb731-4ce0-44d7-b78c-9d4684d05645</title>
    <updated>2026-07-15T17:15:53.318846+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a87bb731-4ce0-44d7-b78c-9d4684d05645", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42491", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mqmnanemgl23", "content": "Xen Security Advisory 498 v2 (CVE-2026-42491) - XAPI: Missing TLS verification in some SDKs", "creation_timestamp": "2026-07-14T16:35:58.851195Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a87bb731-4ce0-44d7-b78c-9d4684d05645/export"/>
    <published>2026-07-14T16:35:58.851195+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/37855c3e-4121-4252-a26d-a98fe54564e5/export</id>
    <title>37855c3e-4121-4252-a26d-a98fe54564e5</title>
    <updated>2026-07-15T17:15:53.318938+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "37855c3e-4121-4252-a26d-a98fe54564e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4249", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqifjigmk42f", "content": "\ud83d\udccc CVE-2026-4249 - The throttling event handling mechanism in multiple WSO2 products accepts user-supplied JSON payloads without sufficient validation of their structure... https://www.cyberhub.blog/cves/CVE-2026-4249", "creation_timestamp": "2026-07-13T00:07:07.158620Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/37855c3e-4121-4252-a26d-a98fe54564e5/export"/>
    <published>2026-07-13T00:07:07.158620+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a33dd92f-4f07-4ac5-ad7c-944d0de44976/export</id>
    <title>a33dd92f-4f07-4ac5-ad7c-944d0de44976</title>
    <updated>2026-07-15T17:15:53.319034+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a33dd92f-4f07-4ac5-ad7c-944d0de44976", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42496", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mpywt27xh32s", "content": "CVE-2026-42496 - rootio-perl\nThe rootio-perl package in Debian 12 had a security issue that allowed unauthorized access to sensitive information. This has been fixed by Root in a recent update, and\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#rootioperl #RootDebian12 #CVE #infosec", "creation_timestamp": "2026-07-06T20:34:05.614362Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a33dd92f-4f07-4ac5-ad7c-944d0de44976/export"/>
    <published>2026-07-06T20:34:05.614362+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/28b59b8e-9efe-4598-93b0-433c30f1795b/export</id>
    <title>28b59b8e-9efe-4598-93b0-433c30f1795b</title>
    <updated>2026-07-15T17:15:53.319146+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "28b59b8e-9efe-4598-93b0-433c30f1795b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4249", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpy3dicdxy2n", "content": "CVE-2026-4249 - Denial of Service via Malicious JSON Payloads in Throttling Events in Multiple WSO2 Products Causing Persistent Service Disruption\nCVE ID : CVE-2026-4249\n \n Published : July 6, 2026, 11:16 a.m. | 31\u00a0minutes ago\n \n Description : The throttling event handling mec...", "creation_timestamp": "2026-07-06T12:22:12.107001Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/28b59b8e-9efe-4598-93b0-433c30f1795b/export"/>
    <published>2026-07-06T12:22:12.107001+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/dc876ac8-040d-47e0-85ec-708dc41d505b/export</id>
    <title>dc876ac8-040d-47e0-85ec-708dc41d505b</title>
    <updated>2026-07-15T17:15:53.319240+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "dc876ac8-040d-47e0-85ec-708dc41d505b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42496", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motmrathgt2r", "content": "\ud83d\udea8  ALERT: CVE-2026-42496\n\nCVSS 9.1/10\n\n\ud83d\udccb WHAT IT IS:\nArchive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory.\n\n_make_special_file() passes the tar header's linkname to symlink() without validating it against absolute paths or .. s", "creation_timestamp": "2026-06-22T00:26:01.719855Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/dc876ac8-040d-47e0-85ec-708dc41d505b/export"/>
    <published>2026-06-22T00:26:01.719855+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/1f3e7427-8be4-4224-843f-05d7ad70e51c/export</id>
    <title>1f3e7427-8be4-4224-843f-05d7ad70e51c</title>
    <updated>2026-07-15T17:15:53.319336+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cve.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "1f3e7427-8be4-4224-843f-05d7ad70e51c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42490", "type": "seen", "source": "https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-xen", "content": "", "creation_timestamp": "2026-06-10T04:24:52.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/1f3e7427-8be4-4224-843f-05d7ad70e51c/export"/>
    <published>2026-06-10T04:24:52+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/113925f8-77bb-4e40-a554-a256f813abf5/export</id>
    <title>113925f8-77bb-4e40-a554-a256f813abf5</title>
    <updated>2026-07-15T17:15:53.320359+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "113925f8-77bb-4e40-a554-a256f813abf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42490", "type": "seen", "source": "https://infosec.exchange/users/andersonc0d3/statuses/116720431315436112", "content": "Xen Security Advisory 491 v2 (CVE-2026-42487) - x86 HVM I/O port list traversal\nhttps://seclists.org/oss-sec/2026/q2/857\nXen Security Advisory 492 v3 (CVE-2026-42489,CVE-2026-42490) - domctl lock open to abuse\nhttps://seclists.org/oss-sec/2026/q2/858\nXen Security Advisory 493 v2 (CVE-2025-10263) - Arm: Completion of memory accesses not guaranteed by completion of a TLBI\nhttps://seclists.org/oss-sec/2026/q2/859", "creation_timestamp": "2026-06-09T13:41:01.482582Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/113925f8-77bb-4e40-a554-a256f813abf5/export"/>
    <published>2026-06-09T13:41:01.482582+00:00</published>
  </entry>
</feed>
