https://vulnerability.circl.lu/sightings/feed 2026-06-27T09:30:53.621255+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/fa9ad410-5fbc-464a-902b-69a8b91c1922/export 2026-06-27T09:30:53.645029+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "fa9ad410-5fbc-464a-902b-69a8b91c1922", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48785", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mo665pux3s2w", "content": "\ud83d\udc27 Proteja seu Apptainer no Fedora! Script + mitiga\u00e7\u00e3o + comandos reais para verificar e corrigir a falha CVE-2026-48785. Conte\u00fado perene: \u00fatil por anos. Saiba mais: -> tinyurl.com/ymky4h28 #Fedora", "creation_timestamp": "2026-06-13T11:39:48.380992Z"} 2026-06-13T11:39:48.380992+00:00 https://vulnerability.circl.lu/sighting/7f203008-56b1-4347-b394-8fa9bff01a25/export 2026-06-27T09:30:53.644966+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "7f203008-56b1-4347-b394-8fa9bff01a25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48780", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mog67gafbm25", "content": "\ud83d\udfe0 CVE-2026-48780 - High (8.2)\n\nForem is open source software for building communities. Prior to commit a2ab6d4, a maliciously cr...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-48780/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-16T16:00:31.108978Z"} 2026-06-16T16:00:31.108978+00:00 https://vulnerability.circl.lu/sighting/ff9483d0-835b-49b5-947c-f717c04c4765/export 2026-06-27T09:30:53.644905+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "ff9483d0-835b-49b5-947c-f717c04c4765", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48780", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogf2rqlzg2c", "content": "CVE-2026-48780 - Forem vulnerable to bypass of email address domain restrictions\nCVE ID : CVE-2026-48780\n \n Published : June 16, 2026, 3:16 p.m. | 1\u00a0hour, 52\u00a0minutes ago\n \n Description : Forem is open source software for building communities. Prior to commit a2ab6d4, a malicio...", "creation_timestamp": "2026-06-16T18:03:10.686368Z"} 2026-06-16T18:03:10.686368+00:00 https://vulnerability.circl.lu/sighting/38fa3e06-7edd-427c-a026-4db2c573c100/export 2026-06-27T09:30:53.644842+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "38fa3e06-7edd-427c-a026-4db2c573c100", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48788", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogyvk4rbf2f", "content": "CVE-2026-48788 - Remark42: Cross-Site Scripting (XSS) on /api/v1/img via content-type spoofing\nCVE ID : CVE-2026-48788\n \n Published : June 16, 2026, 10:29 p.m. | 1\u00a0hour, 3\u00a0minutes ago\n \n Description : Remark42 is a self-hosted comment engine for blogs, articles, or any other p...", "creation_timestamp": "2026-06-16T23:58:10.425749Z"} 2026-06-16T23:58:10.425749+00:00 https://vulnerability.circl.lu/sighting/bee121c0-7248-4192-a00f-940cd52ef817/export 2026-06-27T09:30:53.644777+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "bee121c0-7248-4192-a00f-940cd52ef817", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48781", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogz6imvsz26", "content": "CVE-2026-48781 - Postiz has cross-tenant SUPERADMIN takeover via Skool-provider JWT forgery\nCVE ID : CVE-2026-48781\n \n Published : June 16, 2026, 9:31 p.m. | 2\u00a0hours, 1\u00a0minute ago\n \n Description : Postiz is an AI social media scheduling tool. In versions prior to 2.21.8, the S...", "creation_timestamp": "2026-06-17T00:03:10.891073Z"} 2026-06-17T00:03:10.891073+00:00 https://vulnerability.circl.lu/sighting/4178373b-50ab-499b-a7ab-c75d5428c7af/export 2026-06-27T09:30:53.644707+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "4178373b-50ab-499b-a7ab-c75d5428c7af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48783", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogznfyenc2x", "content": "CVE-2026-48783 - Postiz has an unauthenticated billing-enforcement bypass via /public/modify-subscription\nCVE ID : CVE-2026-48783\n \n Published : June 16, 2026, 9:38 p.m. | 1\u00a0hour, 54\u00a0minutes ago\n \n Description : Postiz is an AI social media scheduling tool. Versions prior to 2...", "creation_timestamp": "2026-06-17T00:11:30.602099Z"} 2026-06-17T00:11:30.602099+00:00 https://vulnerability.circl.lu/sighting/293dcc04-fd0a-4aaf-9d55-678d1a8a8cf3/export 2026-06-27T09:30:53.644640+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "293dcc04-fd0a-4aaf-9d55-678d1a8a8cf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48782", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogzzvej3z22", "content": "CVE-2026-48782 - pydantic-ai: SSRF blocklist bypass via IPv4-compatible, SIIT/IVI, and local NAT64 IPv6 addresses (incomplete fix of CVE-2026-46678)\nCVE ID : CVE-2026-48782\n \n Published : June 16, 2026, 10:49 p.m. | 43\u00a0minutes ago\n \n Description : Pydantic AI is a Python agent...", "creation_timestamp": "2026-06-17T00:18:29.322657Z"} 2026-06-17T00:18:29.322657+00:00 https://vulnerability.circl.lu/sighting/542cd58d-f8a8-465d-99f0-93cf1a4577d3/export 2026-06-27T09:30:53.644557+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "542cd58d-f8a8-465d-99f0-93cf1a4577d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48787", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moodetdjam2g", "content": "CVE-2026-48787 - gin-vue-admin vulnerable to RCE\nCVE ID : CVE-2026-48787\n \n Published : June 19, 2026, 7:46 p.m. | 1\u00a0hour, 56\u00a0minutes ago\n \n Description : gin-vue-admin is an AI-assisted basic development platform. In version 2.9.1, an authenticated attacker with access to the...", "creation_timestamp": "2026-06-19T21:54:18.158597Z"} 2026-06-19T21:54:18.158597+00:00 https://vulnerability.circl.lu/sighting/76379a7c-b178-444f-916c-88c99e1efd93/export 2026-06-27T09:30:53.643819+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "76379a7c-b178-444f-916c-88c99e1efd93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48788", "type": "seen", "source": "https://gist.github.com/alon710/89044faa74c1d9de479703a9098fa939", "content": "# CVE-2026-48788: CVE-2026-48788: Cross-Site Scripting and Content-Type Spoofing in Remark42 Image Proxy\n\n> **CVSS Score:** 8.2\n> **Published:** 2026-06-26\n> **Full Report:** https://cvereports.com/reports/CVE-2026-48788\n\n## Summary\nA critical-severity Cross-Site Scripting (XSS) and Content-Type spoofing vulnerability in Remark42 (versions 1.6.0 through 1.15.0) allows remote attackers to execute arbitrary client-side script code via a crafted image proxy request.\n\n## TL;DR\nRemark42 is vulnerable to an interpretation conflict where a malicious remote server spoofing a png content-type header can bypass download filters, forcing Remark42's image proxy to serve executable HTML payloads.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-436, CWE-79\n- **Attack Vector**: Network (AV:N)\n- **CVSS Score**: 8.2 (High)\n- **EPSS Score**: 0.00251\n- **Exploit Status**: PoC\n- **CISA KEV Status**: Not Listed\n\n## Affected Systems\n\n- Remark42 Comment Engine\n- **remark42**: >= 1.6.0, < 1.16.0 (Fixed in: `1.16.0`)\n\n## Mitigation\n\n- Upgrade to version 1.16.0 or higher\n- Enforce X-Content-Type-Options: nosniff header on reverse proxies\n- Disable the image proxy feature if not strictly required\n\n**Remediation Steps:**\n1. Update the Remark42 container image to tag v1.16.0 or higher\n2. Clear any front-end CDN caches associated with /api/v1/img\n3. Verify the presence of X-Content-Type-Options headers in proxy responses\n\n## References\n\n- [NVD CVE-2026-48788 Detail](https://nvd.nist.gov/vuln/detail/CVE-2026-48788)\n- [GHSA-4c8j-mgm4-qqvp Advisory](https://github.com/umputun/remark42/security/advisories/GHSA-4c8j-mgm4-qqvp)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-48788) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-26T19:42:06.282996Z"} 2026-06-26T19:42:06.282996+00:00 https://vulnerability.circl.lu/sighting/e0032036-4f3b-4bda-8ae2-e0cc2dc19c40/export 2026-06-27T09:30:53.641824+00:00 Joseph Lee https://cve.circl.lu/user/syspect {"uuid": "e0032036-4f3b-4bda-8ae2-e0cc2dc19c40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48788", "type": "published-proof-of-concept", "source": "https://github.com/umputun/remark42/security/advisories/GHSA-4c8j-mgm4-qqvp", "content": "", "creation_timestamp": "2026-06-26T20:35:05.391662Z"} 2026-06-26T20:35:05.391662+00:00