https://vulnerability.circl.lu/sightings/feed 2026-06-28T01:50:12.077685+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/21820b07-0d95-453f-88f0-3d51f20fac37/export 2026-06-28T01:50:12.107798+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "21820b07-0d95-453f-88f0-3d51f20fac37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47100", "type": "seen", "source": "https://bsky.app/profile/keiwork35.bsky.social/post/3mnexfpc6ht2e", "content": "CVE-2026-47100 Funnel Builder for WooCommerce Checkout\u306e\u8106\u5f31\u6027\u3092\u308f\u304b\u308a\u3084\u3059\u304f\u89e3\u8aac\uff5c\u5f71\u97ff\u7bc4\u56f2\u3068\u5bfe\u7b56\u307e\u3068\u3081\n\nCVE-2026-47100 Funnel Builder for WooCommerce Checkout\u306e\u30d0\u30fc\u30b8\u30e7\u30f33.15.0.3\u4ee5\u524d\u306b\u306f\u3001\u8a8d\u8a3c\u304c\u6b20\u843d\u3057\u3066\u3044\u308b\u8106\u5f31\u6027\u304c\u5b58\u5728\u3057\u307e\u3059\u3002", "creation_timestamp": "2026-06-03T11:00:54.328746Z"} 2026-06-03T11:00:54.328746+00:00 https://vulnerability.circl.lu/sighting/8e54284c-80d9-4697-9c23-db2aa776eecf/export 2026-06-28T01:50:12.107692+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "8e54284c-80d9-4697-9c23-db2aa776eecf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47106", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnv6u2vvte23", "content": "CVE-2026-47106 - Ellucian Banner Self-Service Stored XSS via getFacultyMeetingTimes API\nCVE ID : CVE-2026-47106\n \n Published : 9. Juni 2026 20:16 | 20\u00a0Minuten ago\n \n Description : Ellucian Banner Self-Service before the April T2 release (2025-04-23) contains a stored cross-sit...", "creation_timestamp": "2026-06-09T21:56:49.304897Z"} 2026-06-09T21:56:49.304897+00:00 https://vulnerability.circl.lu/sighting/688f35f5-6d28-4fde-aee1-7111e84109e5/export 2026-06-28T01:50:12.107588+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "688f35f5-6d28-4fde-aee1-7111e84109e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47101", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mo23dfxbkd2j", "content": "\ud83d\udccc CVE-2026-47101 - LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API keys with access to routes that their role does not permit. When generati... https://www.cyberhub.blog/cves/CVE-2026-47101", "creation_timestamp": "2026-06-11T20:37:06.405558Z"} 2026-06-11T20:37:06.405558+00:00 https://vulnerability.circl.lu/sighting/4329d71c-d207-4eaa-8aac-217e422c7586/export 2026-06-28T01:50:12.107430+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "4329d71c-d207-4eaa-8aac-217e422c7586", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47102", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mo2bzzbyub2c", "content": "\ud83d\udccc CVE-2026-47102 - LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /user/update endpoint. While the endpoint correctly restricts users to up... https://www.cyberhub.blog/cves/CVE-2026-47102", "creation_timestamp": "2026-06-11T22:37:07.343881Z"} 2026-06-11T22:37:07.343881+00:00 https://vulnerability.circl.lu/sighting/26490883-df7d-40e3-aa96-6fde93703e71/export 2026-06-28T01:50:12.105588+00:00 Joseph Lee https://cve.circl.lu/user/syspect {"uuid": "26490883-df7d-40e3-aa96-6fde93703e71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-47103", "type": "published-proof-of-concept", "source": "https://github.com/fgmacedo/python-statemachine/security/advisories/GHSA-v4jc-pm6r-3vj8", "content": "", "creation_timestamp": "2026-06-17T11:39:45.000000Z"} 2026-06-17T11:39:45+00:00 https://vulnerability.circl.lu/sighting/6359581d-f7b7-407c-88a8-eb59b9353d90/export 2026-06-28T01:50:12.105478+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "6359581d-f7b7-407c-88a8-eb59b9353d90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-47103", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3moimysp6w224", "content": "Critical RCE in fgmacedo python-statemachine (3.0.0 \u2013 <3.2.0)! Unsafe eval in SCXML allows code execution. Avoid untrusted SCXML, monitor for patches. Details: https://radar.offseq.com/threat/cve-2026-47103-improper-neutralization-of-directiv-73074fb6af41b907 #OffSeq #Python #Security", "creation_timestamp": "2026-06-17T15:30:34.617480Z"} 2026-06-17T15:30:34.617480+00:00 https://vulnerability.circl.lu/sighting/b6303d6e-5782-4997-b472-f294ae25ced5/export 2026-06-28T01:50:12.105379+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "b6303d6e-5782-4997-b472-f294ae25ced5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-47103", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3moiooixiwo2r", "content": "Critical RCE in python-statemachine (3.0.0 \u2013 <3.2.0): attacker-supplied SCXML can trigger unsanitized eval(). Avoid untrusted SCXML and watch for patch info: https://radar.offseq.com/threat/cve-2026-47103-improper-neutralization-of-directiv-73074fb6af41b907 #OffSeq #python #security", "creation_timestamp": "2026-06-17T16:00:40.565976Z"} 2026-06-17T16:00:40.565976+00:00 https://vulnerability.circl.lu/sighting/24ff4db0-7efa-4ab8-a348-68d9d9f2ea76/export 2026-06-28T01:50:12.105271+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "24ff4db0-7efa-4ab8-a348-68d9d9f2ea76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47103", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moivs7gmrq27", "content": "CVE-2026-47103 - Python StateMachine 3.0.0\nCVE ID : CVE-2026-47103\n \n Published : June 17, 2026, 2:32 p.m. | 2\u00a0hours, 36\u00a0minutes ago\n \n Description : Python StateMachine versions 3.0.0 before 3.2.0 contains a remote code execution vulnerability that allows attackers to execute...", "creation_timestamp": "2026-06-17T18:07:59.323651Z"} 2026-06-17T18:07:59.323651+00:00 https://vulnerability.circl.lu/sighting/a793c67a-64f4-4d73-b0a6-8ca4dcb3910f/export 2026-06-28T01:50:12.105135+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "a793c67a-64f4-4d73-b0a6-8ca4dcb3910f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47103", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mok45esats25", "content": "the wild. Immediate patching and access control review recommended.\n[Source: @offseq@infosec.exchange](https://infosec.exchange/@offseq/116758965574886024)\n\n## 3. \ud83d\udea8 CRITICAL: CVE-2026-47103 \u2014 python-statemachine eval() RCE (CVSS 9.3)\nAn unsanitized `eval()` in SCXML processing lets attackers", "creation_timestamp": "2026-06-18T05:34:13.540101Z"} 2026-06-18T05:34:13.540101+00:00 https://vulnerability.circl.lu/sighting/3defa3f3-0fa0-4aa5-9521-eaa91d3bae80/export 2026-06-28T01:50:12.102158+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "3defa3f3-0fa0-4aa5-9521-eaa91d3bae80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47103", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mokymjnfot2q", "content": "zero-day is actively exploited in the wild. Immediate patching and access control review recommended.\n[Source: @offseq@infosec.exchange](https://infosec.exchange/@offseq/116758965574886024)\n\n## 3. \ud83d\udea8 CRITICAL: CVE-2026-47103 \u2014 python-statemachine eval() RCE (CVSS 9.3)\nAn", "creation_timestamp": "2026-06-18T14:03:46.003340Z"} 2026-06-18T14:03:46.003340+00:00