<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-15T23:20:12.718649+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/641e59ae-0df8-4a68-a91f-59396d419780/export</id>
    <title>641e59ae-0df8-4a68-a91f-59396d419780</title>
    <updated>2026-07-15T23:20:12.740593+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "641e59ae-0df8-4a68-a91f-59396d419780", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47429", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqmxjui5ty2t", "content": "CVE-2026-47429 - vitest\nIf you're using Vitest UI on Windows and exposing it to the network, or running it on Windows without proper security, an attacker could access and execute arbitrary files.\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#vitest #GitHubActions #npm #CVE #infosec", "creation_timestamp": "2026-07-14T19:40:05.831331Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/641e59ae-0df8-4a68-a91f-59396d419780/export"/>
    <published>2026-07-14T19:40:05.831331+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c9fa1e0f-7970-4e57-a9f4-0d1e07e645a9/export</id>
    <title>c9fa1e0f-7970-4e57-a9f4-0d1e07e645a9</title>
    <updated>2026-07-15T23:20:12.742713+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c9fa1e0f-7970-4e57-a9f4-0d1e07e645a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47429", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mprkoe7q362x", "content": "CVE-2026-47429 - @rootio/vitest\nThe Root vitest package had a vulnerability that could allow an attacker to execute unauthorized code. This could have let a malicious user access or modify sensitive data.\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#rootio #Rootnpm #CVE #infosec", "creation_timestamp": "2026-07-03T22:08:04.921396Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c9fa1e0f-7970-4e57-a9f4-0d1e07e645a9/export"/>
    <published>2026-07-03T22:08:04.921396+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/70ffff1a-3271-4119-9a47-48c9d5cfb966/export</id>
    <title>70ffff1a-3271-4119-9a47-48c9d5cfb966</title>
    <updated>2026-07-15T23:20:12.742855+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "70ffff1a-3271-4119-9a47-48c9d5cfb966", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47429", "type": "published-proof-of-concept", "source": "Telegram/cFkqaiLeMF7rcnyy-4alEvGOnwxzqn60V0GjpreyOt3-Yxw", "content": "", "creation_timestamp": "2026-06-09T11:00:07.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/70ffff1a-3271-4119-9a47-48c9d5cfb966/export"/>
    <published>2026-06-09T11:00:07+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/204828ac-eb7e-4791-aaec-a43350c0128b/export</id>
    <title>204828ac-eb7e-4791-aaec-a43350c0128b</title>
    <updated>2026-07-15T23:20:12.742965+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "204828ac-eb7e-4791-aaec-a43350c0128b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47429", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3mnqcloetts2r", "content": "JavaScript \u30c6\u30b9\u30c8\u30d5\u30ec\u30fc\u30e0\u30ef\u30fc\u30af Vitest\u306b\u91cd\u5927\u306a\u8106\u5f31\u6027(VE-2026-47428,CVE-2026-47429,CVE\u672a\u63a1\u756a)\nrocket-boys.co.jp/security-mea...\n\n#\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56Lab #security #securitynews", "creation_timestamp": "2026-06-07T23:20:25.452654Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/204828ac-eb7e-4791-aaec-a43350c0128b/export"/>
    <published>2026-06-07T23:20:25.452654+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e2c1abbd-97b9-4484-ba21-9e557b2923b1/export</id>
    <title>e2c1abbd-97b9-4484-ba21-9e557b2923b1</title>
    <updated>2026-07-15T23:20:12.743069+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cve.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "e2c1abbd-97b9-4484-ba21-9e557b2923b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-47429", "type": "published-proof-of-concept", "source": "https://github.com/vitest-dev/vitest/security/advisories/GHSA-5xrq-8626-4rwp", "content": "", "creation_timestamp": "2026-05-19T09:24:23.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e2c1abbd-97b9-4484-ba21-9e557b2923b1/export"/>
    <published>2026-05-19T09:24:23+00:00</published>
  </entry>
</feed>
