<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-16T04:48:19.894924+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/83a23b17-be05-488f-9182-aed74e0788f6/export</id>
    <title>83a23b17-be05-488f-9182-aed74e0788f6</title>
    <updated>2026-07-16T04:48:19.910364+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "83a23b17-be05-488f-9182-aed74e0788f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46339", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqqam6zeky26", "content": "CVE-2026-46339 in decolua 9Router (&amp;lt;0.4.37): CRITICAL OS command injection lets unauthenticated attackers fully compromise systems. Upgrade to 0.4.37 now. https://radar.offseq.com/threat/cve-2026-46339-cwe-78-improper-neutralization-of-s-96ae550cea593bb1 #OffSeq #CVE #security", "creation_timestamp": "2026-07-16T03:00:27.443537Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/83a23b17-be05-488f-9182-aed74e0788f6/export"/>
    <published>2026-07-16T03:00:27.443537+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/32d87a3d-f322-45b1-88ae-3bb3fad0e471/export</id>
    <title>32d87a3d-f322-45b1-88ae-3bb3fad0e471</title>
    <updated>2026-07-16T04:48:19.912792+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "32d87a3d-f322-45b1-88ae-3bb3fad0e471", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46339", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116927419172028216", "content": "CRITICAL: CVE-2026-46339 impacts decolua 9Router (&amp;lt;0.4.37). OS command injection via exposed API lets unauth attackers gain full control. Patch to 0.4.37 now! https://radar.offseq.com/threat/cve-2026-46339-cwe-78-improper-neutralization-of-s-96ae550cea593bb1 #OffSeq #CVE202646339 #infosec #security", "creation_timestamp": "2026-07-16T03:00:25.538953Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/32d87a3d-f322-45b1-88ae-3bb3fad0e471/export"/>
    <published>2026-07-16T03:00:25.538953+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/44111896-18b3-46c2-a90b-945d312fea4a/export</id>
    <title>44111896-18b3-46c2-a90b-945d312fea4a</title>
    <updated>2026-07-16T04:48:19.912934+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "44111896-18b3-46c2-a90b-945d312fea4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46339", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqq23ub7dj2e", "content": "CVE-2026-46339 - 9Router: Unauthenticated Remote Code Execution via unprotected MCP custom plugin routes\nCVE ID : CVE-2026-46339\n \n Published : July 15, 2026, 9:16 p.m. | 1\u00a0hour, 17\u00a0minutes ago\n \n Description : 9Router is an AI router &amp;amp; token saver. From 0.4.30 until 0.4.3...", "creation_timestamp": "2026-07-16T01:03:56.409644Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/44111896-18b3-46c2-a90b-945d312fea4a/export"/>
    <published>2026-07-16T01:03:56.409644+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/af0df7d4-e2a3-44fd-8bdd-62e3505582c6/export</id>
    <title>af0df7d4-e2a3-44fd-8bdd-62e3505582c6</title>
    <updated>2026-07-16T04:48:19.913054+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "af0df7d4-e2a3-44fd-8bdd-62e3505582c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46339", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-46339.yaml", "content": "", "creation_timestamp": "2026-07-16T00:00:03.619820Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/af0df7d4-e2a3-44fd-8bdd-62e3505582c6/export"/>
    <published>2026-07-16T00:00:03.619820+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/86ae5892-b393-43ee-ad7f-fd309da4260f/export</id>
    <title>86ae5892-b393-43ee-ad7f-fd309da4260f</title>
    <updated>2026-07-16T04:48:19.913156+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "86ae5892-b393-43ee-ad7f-fd309da4260f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46339", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqpq2aalhz2a", "content": "CVE-2026-46339 - 9router\nThe 9router software exposes unauthenticated API endpoints that can be used to execute arbitrary OS commands without any prerequisites or credentials. This vulnerability exists\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#9router #decolua #npm #CVE #infosec", "creation_timestamp": "2026-07-15T22:04:04.465509Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/86ae5892-b393-43ee-ad7f-fd309da4260f/export"/>
    <published>2026-07-15T22:04:04.465509+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/97f2a303-9e0e-427c-8b69-012c7af545f7/export</id>
    <title>97f2a303-9e0e-427c-8b69-012c7af545f7</title>
    <updated>2026-07-16T04:48:19.913269+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "97f2a303-9e0e-427c-8b69-012c7af545f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46339", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-46339.yaml", "content": "", "creation_timestamp": "2026-07-15T06:00:04.825296Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/97f2a303-9e0e-427c-8b69-012c7af545f7/export"/>
    <published>2026-07-15T06:00:04.825296+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bd6f372c-a933-4319-b6df-f755fb5034fe/export</id>
    <title>bd6f372c-a933-4319-b6df-f755fb5034fe</title>
    <updated>2026-07-16T04:48:19.913369+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cve.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "bd6f372c-a933-4319-b6df-f755fb5034fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-46339", "type": "published-proof-of-concept", "source": "https://github.com/decolua/9router/security/advisories/GHSA-fhh6-4qxv-rpqj", "content": "", "creation_timestamp": "2026-05-13T13:15:48.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bd6f372c-a933-4319-b6df-f755fb5034fe/export"/>
    <published>2026-05-13T13:15:48+00:00</published>
  </entry>
</feed>
