https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-06-21T14:37:38.817604+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/7bbce898-2128-4f5c-9910-28a649de07a2/export7bbce898-2128-4f5c-9910-28a649de07a22026-06-21T14:37:38.845972+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "7bbce898-2128-4f5c-9910-28a649de07a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46529", "type": "seen", "source": "https://infosec.exchange/users/wdormann/statuses/116625967773895498", "content": "This evince (and friends) command injection is sort of neat.\nThere seems to be some agreement that it's CVE-2026-46529, except CVE-2026-46529 doesn't actually exist.\nThe advisory isn't clear what distros are affected, and it took a couple of attempts to find an environment where the default exploit works. But here's a screen recording of it working on OpenSUSE. You click anywhere in a PDF and you get arbitrary command execution.\nAlso slightly odd is that the writeup in GitHub states that evince <48.1 is affected, but my screen recording clearly indicates that 48.1 IS affected.", "creation_timestamp": "2026-05-23T21:17:23.580090Z"}2026-05-23T21:17:23.580090+00:00https://vulnerability.circl.lu/sighting/4fdb0379-34b0-409b-bbe5-2b9e2faa41a7/export4fdb0379-34b0-409b-bbe5-2b9e2faa41a72026-06-21T14:37:38.845872+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "4fdb0379-34b0-409b-bbe5-2b9e2faa41a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46529", "type": "seen", "source": "https://bsky.app/profile/wdormann.infosec.exchange.ap.brid.gy/post/3mmkepycm3fd2", "content": "This evince (and friends) command injection is sort of neat.\n\nThere seems to be some agreement that it's CVE-2026-46529, except CVE-2026-46529 doesn't actually exist.\n\nThe advisory isn't clear what distros are affected, and it took a couple of attempts to [\u2026] \n\n[Original post on infosec.exchange]", "creation_timestamp": "2026-05-23T21:17:30.050002Z"}2026-05-23T21:17:30.050002+00:00https://vulnerability.circl.lu/sighting/54ad6686-9abe-4f08-9f65-596d58de8364/export54ad6686-9abe-4f08-9f65-596d58de83642026-06-21T14:37:38.845020+00:00Joseph Leehttps://cve.circl.lu/user/syspect{"uuid": "54ad6686-9abe-4f08-9f65-596d58de8364", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-46526", "type": "published-proof-of-concept", "source": "https://github.com/LearningCircuit/local-deep-research/security/advisories/GHSA-g23j-2vwm-5c25", "content": "", "creation_timestamp": "2026-05-24T07:26:23.000000Z"}2026-05-24T07:26:23+00:00https://vulnerability.circl.lu/sighting/891d82f0-c0e6-4aca-aa09-245d0955079c/export891d82f0-c0e6-4aca-aa09-245d0955079c2026-06-21T14:37:38.844929+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "891d82f0-c0e6-4aca-aa09-245d0955079c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46527", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmzihovmfd2m", "content": "CVE-2026-46527 - cpp-httplib: Malicious `X-Forwarded-For` Under Trusted-Proxy Configuration Triggers Empty `vector::front()`, Leading to Undefined Behavior and Server Crash\nCVE ID : CVE-2026-46527\n \n Published : May 29, 2026, 8:16 p.m. | 16\u00a0minutes ago\n \n Description : cpp-htt...", "creation_timestamp": "2026-05-29T21:34:16.909215Z"}2026-05-29T21:34:16.909215+00:00https://vulnerability.circl.lu/sighting/b58ab7bc-6074-4087-96ce-761323f20c3e/exportb58ab7bc-6074-4087-96ce-761323f20c3e2026-06-21T14:37:38.844843+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "b58ab7bc-6074-4087-96ce-761323f20c3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46529", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mnijpysvqc2y", "content": "\u26a0\ufe0f ALERTA DE SEGURAN\u00c7A \u26a0\ufe0f\n\nA vulnerabilidade CVE-2026-46529 no visualizador de PDFs Evince pode comprometer seu sistema com um \u00fanico clique. Saiba mais. -> tinyurl.com/2xa5kyja #openSUSE", "creation_timestamp": "2026-06-04T21:06:48.563615Z"}2026-06-04T21:06:48.563615+00:00https://vulnerability.circl.lu/sighting/113a5e9e-e782-4d95-af9b-cfcfad9878e3/export113a5e9e-e782-4d95-af9b-cfcfad9878e32026-06-21T14:37:38.844774+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "113a5e9e-e782-4d95-af9b-cfcfad9878e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46529", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mnijq34o3k2y", "content": "\u26a0\ufe0f ALERTA DE SEGURAN\u00c7A \u26a0\ufe0f\n\nA vulnerabilidade CVE-2026-46529 no visualizador de PDFs Evince pode comprometer seu sistema com um \u00fanico clique. Saiba mais. -> tinyurl.com/2xa5kyja #openSUSE", "creation_timestamp": "2026-06-04T21:06:49.112715Z"}2026-06-04T21:06:49.112715+00:00https://vulnerability.circl.lu/sighting/e8d96eb3-f4c1-44d7-8534-ab3854b6ba7e/exporte8d96eb3-f4c1-44d7-8534-ab3854b6ba7e2026-06-21T14:37:38.844699+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "e8d96eb3-f4c1-44d7-8534-ab3854b6ba7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46529", "type": "seen", "source": "https://bsky.app/profile/wdormann.infosec.exchange.ap.brid.gy/post/3mnxphbvlmsy2", "content": "Courtesy of GitHub, CVE-2026-46529 now exists\n\nBetter late than never?", "creation_timestamp": "2026-06-10T21:59:56.725833Z"}2026-06-10T21:59:56.725833+00:00https://vulnerability.circl.lu/sighting/fda4de24-0892-492e-afe6-fae4c68eac2b/exportfda4de24-0892-492e-afe6-fae4c68eac2b2026-06-21T14:37:38.844617+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "fda4de24-0892-492e-afe6-fae4c68eac2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46529", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnxxpa5vn52n", "content": "CVE-2026-46529 - PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen\nCVE ID : CVE-2026-46529\n \n Published : June 10, 2026, 8:17 p.m. | 2\u00a0hours, 59\u00a0minutes ago\n \n Description : Atril Document Viewer is the default document reader of the MATE deskto...", "creation_timestamp": "2026-06-11T00:26:48.105437Z"}2026-06-11T00:26:48.105437+00:00https://vulnerability.circl.lu/sighting/b8ad7ed1-49b1-4592-9dd3-054374888905/exportb8ad7ed1-49b1-4592-9dd3-0543748889052026-06-21T14:37:38.844502+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "b8ad7ed1-49b1-4592-9dd3-054374888905", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46520", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnygzyjcyh2n", "content": "\ud83d\udfe0 CVE-2026-46520 - High (7.5)\n\nImageMagick is free and open-source software used for editing and manipulating digital images. Pr...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-46520/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-11T05:02:25.915716Z"}2026-06-11T05:02:25.915716+00:00https://vulnerability.circl.lu/sighting/44c0a10a-da8b-44cc-80c9-8d9078efb2a5/export44c0a10a-da8b-44cc-80c9-8d9078efb2a52026-06-21T14:37:38.841573+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "44c0a10a-da8b-44cc-80c9-8d9078efb2a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46522", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnyh27xmxp2n", "content": "\ud83d\udfe0 CVE-2026-46522 - High (7.5)\n\nImageMagick is free and open-source software used for editing and manipulating digital images. Pr...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-46522/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-11T05:03:00.524122Z"}2026-06-11T05:03:00.524122+00:00