https://vulnerability.circl.lu/sightings/feed 2026-06-27T06:44:40.028078+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/4c03c1a0-bb80-4273-8e4e-1d0957159509/export 2026-06-27T06:44:40.054642+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "4c03c1a0-bb80-4273-8e4e-1d0957159509", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49196", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmyh6rpkeo2i", "content": "CVE-2026-49196 - Predator Connect W6x: Web Interface Command Injection\nCVE ID : CVE-2026-49196\n \n Published : May 29, 2026, 9:16 a.m. | 1\u00a0hour, 54\u00a0minutes ago\n \n Description : The Wi-Fi device blocking feature fails to sanitize MAC address input, allowing injection and executi...", "creation_timestamp": "2026-05-29T11:38:44.376606Z"} 2026-05-29T11:38:44.376606+00:00 https://vulnerability.circl.lu/sighting/3f84fe66-0f4e-405f-839d-0976a65a4dad/export 2026-06-27T06:44:40.054528+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "3f84fe66-0f4e-405f-839d-0976a65a4dad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49199", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmyheqtu2j2i", "content": "CVE-2026-49199 - Predator Connect W6x: RCE via MQTT\nCVE ID : CVE-2026-49199\n \n Published : May 29, 2026, 9:16 a.m. | 1\u00a0hour, 54\u00a0minutes ago\n \n Description : Crafted MQTT messages can trigger command injection, resulting in root-level code execution on the target device.\n \n Sev...", "creation_timestamp": "2026-05-29T11:42:05.895523Z"} 2026-05-29T11:42:05.895523+00:00 https://vulnerability.circl.lu/sighting/e471c243-49a5-4ab7-a8f2-65479706d685/export 2026-06-27T06:44:40.054421+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "e471c243-49a5-4ab7-a8f2-65479706d685", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49197", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmyhlin4q322", "content": "CVE-2026-49197 - Predator Connect W6x: Improper Authentication\nCVE ID : CVE-2026-49197\n \n Published : May 29, 2026, 9:16 a.m. | 1\u00a0hour, 54\u00a0minutes ago\n \n Description : Web endpoints intended for the Acer Connect app improperly validate the HTTP Authorization header, failing to...", "creation_timestamp": "2026-05-29T11:45:51.311069Z"} 2026-05-29T11:45:51.311069+00:00 https://vulnerability.circl.lu/sighting/4f64efc9-851d-40c3-8f49-f916c01c2315/export 2026-06-27T06:44:40.054318+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "4f64efc9-851d-40c3-8f49-f916c01c2315", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49195", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmyht6ixjo2w", "content": "CVE-2026-49195 - Predator Connect W6x: unauthenticated Debug Service\nCVE ID : CVE-2026-49195\n \n Published : May 29, 2026, 9:16 a.m. | 1\u00a0hour, 54\u00a0minutes ago\n \n Description : Unauthenticated Debug Service. The /sbin/mtk_dut binary is exposed on TCP port 9000 without authenticat...", "creation_timestamp": "2026-05-29T11:50:08.907408Z"} 2026-05-29T11:50:08.907408+00:00 https://vulnerability.circl.lu/sighting/44d43d0c-40bb-4444-ae37-33ee9d644dfb/export 2026-06-27T06:44:40.054204+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "44d43d0c-40bb-4444-ae37-33ee9d644dfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49198", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmyj7xvhmi2d", "content": "CVE-2026-49198 - Predator Connect W6x: MQTT Broker Access Control\nCVE ID : CVE-2026-49198\n \n Published : May 29, 2026, 9:16 a.m. | 1\u00a0hour, 54\u00a0minutes ago\n \n Description : Improper access control in the MQTT broker allows wildcard topic subscriptions, exposing all MQTT traffic ...", "creation_timestamp": "2026-05-29T12:15:11.850984Z"} 2026-05-29T12:15:11.850984+00:00 https://vulnerability.circl.lu/sighting/c84aab7f-f0ee-4d6d-ae42-63bb9905bd8f/export 2026-06-27T06:44:40.054049+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "c84aab7f-f0ee-4d6d-ae42-63bb9905bd8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49197", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mouba73wwj22", "content": "\ud83d\udea8 ALERT: CVE-2026-49197\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nWeb endpoints intended for the Acer Connect app improperly validate the HTTP Authorization header, failing to block requests when Base64 decoding fails.\n\n\ud83c\udfaf WHO'S AFFECTED:\n \u2022 Predator Connect W6X Firmware\n\n\u2694\ufe0f HOW IT'S EXPLOITED:\nAttack vector: un", "creation_timestamp": "2026-06-22T06:31:54.019613Z"} 2026-06-22T06:31:54.019613+00:00 https://vulnerability.circl.lu/sighting/5cd17157-a0d2-4a31-9c4d-513821611235/export 2026-06-27T06:44:40.051800+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "5cd17157-a0d2-4a31-9c4d-513821611235", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49199", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3moubafvjdf2v", "content": "\ud83d\udea8 ALERT: CVE-2026-49199\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nCrafted MQTT messages can trigger command injection, resulting in root-level code execution on the target device.\n\n\ud83c\udfaf WHO'S AFFECTED:\n \u2022 Predator Connect W6X Firmware\n\n\u2694\ufe0f HOW IT'S EXPLOITED:\nAttack vector: unknown\nImpact: high impact on confidenti", "creation_timestamp": "2026-06-22T06:32:00.709780Z"} 2026-06-22T06:32:00.709780+00:00