https://vulnerability.circl.lu/sightings/feed 2026-06-30T19:40:48.608467+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/4e447f2a-8907-40ea-956e-31d03ccaee93/export 2026-06-30T19:40:48.631295+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "4e447f2a-8907-40ea-956e-31d03ccaee93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44930", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mottspams62p", "content": "\ud83d\udea8 ALERT: CVE-2026-44930\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nAn LDAP injection vulnerability in the LDAP Certificate repository of the XKMS server in Apache CXF may allow an attacker to retrieve arbitrary certificates from the repository.\u00a0\nUsers are recommended to upgrade to versions 4.2.1, 4.1.6 or 3.6.11,", "creation_timestamp": "2026-06-22T02:31:42.113338Z"} 2026-06-22T02:31:42.113338+00:00 https://vulnerability.circl.lu/sighting/74ade149-19c2-49be-bdc6-3b9771994264/export 2026-06-30T19:40:48.634127+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "74ade149-19c2-49be-bdc6-3b9771994264", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44930", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3moqr7febxj2t", "content": "\ud83d\udccc CVE-2026-44930 - An LDAP injection vulnerability in the LDAP Certificate repository of the XKMS server in Apache CXF may allow an attacker to retrieve arbitrary certif... https://www.cyberhub.blog/cves/CVE-2026-44930", "creation_timestamp": "2026-06-20T21:07:08.274708Z"} 2026-06-20T21:07:08.274708+00:00 https://vulnerability.circl.lu/sighting/c3f1ae1f-5ccc-4013-9552-5a02208d7d18/export 2026-06-30T19:40:48.634233+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "c3f1ae1f-5ccc-4013-9552-5a02208d7d18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44939", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3monrbpxeju2q", "content": "CVE-2026-44939 - Command injection through unsanitized YAML parameter in Rancher\nCVE ID : CVE-2026-44939\n \n Published : June 19, 2026, 12:13 p.m. | 1\u00a0hour, 29\u00a0minutes ago\n \n Description : A command injection vulnerability in the Rancher Manager cluster before 2.14.2 import end...", "creation_timestamp": "2026-06-19T16:30:26.675004Z"} 2026-06-19T16:30:26.675004+00:00 https://vulnerability.circl.lu/sighting/0b066277-32ff-46fc-b9f6-97284c9846a7/export 2026-06-30T19:40:48.634314+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "0b066277-32ff-46fc-b9f6-97284c9846a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44939", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116777203438598649", "content": "The severity is increased for this new vulnerability affecting SUSE Rancher (CVE-2026-44939) https://vuldb.com/vuln/372349", "creation_timestamp": "2026-06-19T14:18:42.109101Z"} 2026-06-19T14:18:42.109101+00:00 https://vulnerability.circl.lu/sighting/bfb9fb03-bdb5-4410-acce-b3394196f830/export 2026-06-30T19:40:48.634391+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "bfb9fb03-bdb5-4410-acce-b3394196f830", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44932", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mogewtkvur2r", "content": "\ud83d\udfe0 CVE-2026-44932 - High (8.8)\n\nPassing of unsanitized strings from DHCP replies into the wicked dhcp client before wicked 0.6.79...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-44932/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-16T18:00:59.402824Z"} 2026-06-16T18:00:59.402824+00:00 https://vulnerability.circl.lu/sighting/1ab95da2-78fc-40d6-ac69-85331844b47e/export 2026-06-30T19:40:48.634467+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "1ab95da2-78fc-40d6-ac69-85331844b47e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44932", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogeiujyy724", "content": "CVE-2026-44932 - indirect remote shell command injection via unsanitized DHCP options in wicked\nCVE ID : CVE-2026-44932\n \n Published : June 16, 2026, 3:26 p.m. | 1\u00a0hour, 42\u00a0minutes ago\n \n Description : Passing of unsanitized strings from DHCP replies into the wicked dhcp clien...", "creation_timestamp": "2026-06-16T17:53:09.638283Z"} 2026-06-16T17:53:09.638283+00:00 https://vulnerability.circl.lu/sighting/37c0003e-3b19-4ae5-87d0-83c176873dc9/export 2026-06-30T19:40:48.634542+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "37c0003e-3b19-4ae5-87d0-83c176873dc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44939", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3mngl44gers2h", "content": "Rancher Kubernetes\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\u306b3\u4ef6\u306e\u91cd\u5927\u306a\u8106\u5f31\u6027(CVE-2026-44939,CVE-2026-41052,CVE-2026-41053)\n\nrocket-boys.co.jp/security-mea...\n\n#\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56Lab #security #securitynews", "creation_timestamp": "2026-06-04T02:26:12.204289Z"} 2026-06-04T02:26:12.204289+00:00 https://vulnerability.circl.lu/sighting/b98b5c7e-eddb-4219-8f66-be945d25a451/export 2026-06-30T19:40:48.634621+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "b98b5c7e-eddb-4219-8f66-be945d25a451", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44930", "type": "seen", "source": "https://t.me/bdufstecru/3204", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0435\u0440\u0432\u0438\u0441\u0430 XKMS (XML Key Management Specification) \u043a\u0430\u0440\u043a\u0430\u0441\u0430 \u0434\u043b\u044f \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 Apache CXF \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435\u043c \u043c\u0435\u0440 \u043f\u043e \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u043e\u0432 \u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u0435 LDAP. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438\n\nBDU:2026-07399\nCVE-2026-44930\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://lists.apache.org/thread/c1zqxppo1m5z3kbdhjn5p991zk09ynkh", "creation_timestamp": "2026-05-29T13:10:09.000000Z"} 2026-05-29T13:10:09+00:00 https://vulnerability.circl.lu/sighting/e293656c-cce4-48b0-a874-b2d2540d1224/export 2026-06-30T19:40:48.634704+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "e293656c-cce4-48b0-a874-b2d2540d1224", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44930", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3mmupsheol22m", "content": "Apache CXF\u306eXKMS LDAP\u30b5\u30fc\u30d3\u30b9\u306bLDAP\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u304c\u53ef\u80fd\u306b\u306a\u308b\u8106\u5f31\u6027 CVE-2026-44930\nrocket-boys.co.jp/security-mea...\n\n#\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56Lab #security #securitynews", "creation_timestamp": "2026-05-28T00:02:18.545781Z"} 2026-05-28T00:02:18.545781+00:00 https://vulnerability.circl.lu/sighting/f84825f2-ce36-4ba0-bc5f-0e80654c49e9/export 2026-06-30T19:40:48.634777+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "f84825f2-ce36-4ba0-bc5f-0e80654c49e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44933", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmbpv2jchj2p", "content": "CVE-2026-44933 - Path Traversal in Plugin Loading in libzypp\nCVE ID : CVE-2026-44933\n \n Published : May 20, 2026, 8:51 a.m. | 1\u00a0hour, 23\u00a0minutes ago\n \n Description : `PluginScript` attempts to `chroot` the plugin to the `repoManagerRoot`, this root is frequently `/` (the syste...", "creation_timestamp": "2026-05-20T10:43:08.143604Z"} 2026-05-20T10:43:08.143604+00:00