Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-24T05:17:47.470455+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/c3140ced-4211-400f-9537-46a8fc74e7fc/export c3140ced-4211-400f-9537-46a8fc74e7fc 2026-06-24T05:17:47.492695+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "c3140ced-4211-400f-9537-46a8fc74e7fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4987", "type": "seen", "source": "Telegram/HQHk6b46qFnTAF0zr_kYdi4jZ1-94Qa5IEvzqYOSjpwlfy8", "content": "", "creation_timestamp": "2026-03-28T03:16:54.000000Z"} 2026-03-28T03:16:54+00:00 https://vulnerability.circl.lu/sighting/65e39bfc-c8e5-4997-a986-eaa2b3729402/export 65e39bfc-c8e5-4997-a986-eaa2b3729402 2026-06-24T05:17:47.492639+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "65e39bfc-c8e5-4997-a986-eaa2b3729402", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4987", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mi3tfi5rvw2o", "content": "", "creation_timestamp": "2026-03-28T04:49:15.236609Z"} 2026-03-28T04:49:15.236609+00:00 https://vulnerability.circl.lu/sighting/5a7c7ca5-2b0d-45ce-beb7-d8d585bd114c/export 5a7c7ca5-2b0d-45ce-beb7-d8d585bd114c 2026-06-24T05:17:47.492578+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "5a7c7ca5-2b0d-45ce-beb7-d8d585bd114c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-4987", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116305273346870948", "content": "", "creation_timestamp": "2026-03-28T06:00:34.394432Z"} 2026-03-28T06:00:34.394432+00:00 https://vulnerability.circl.lu/sighting/7ee24d25-9675-40b2-9a5f-4928379172de/export 7ee24d25-9675-40b2-9a5f-4928379172de 2026-06-24T05:17:47.492512+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "7ee24d25-9675-40b2-9a5f-4928379172de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-4987", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mi3xezlxof26", "content": "", "creation_timestamp": "2026-03-28T06:00:35.408771Z"} 2026-03-28T06:00:35.408771+00:00 https://vulnerability.circl.lu/sighting/f044d409-b166-4934-a12f-59f33959ef7e/export f044d409-b166-4934-a12f-59f33959ef7e 2026-06-24T05:17:47.492449+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "f044d409-b166-4934-a12f-59f33959ef7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-4987", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116309400818400329", "content": "", "creation_timestamp": "2026-03-28T23:30:14.827775Z"} 2026-03-28T23:30:14.827775+00:00 https://vulnerability.circl.lu/sighting/b3284866-c330-4ceb-aa59-d47e6a810762/export b3284866-c330-4ceb-aa59-d47e6a810762 2026-06-24T05:17:47.492380+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "b3284866-c330-4ceb-aa59-d47e6a810762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49875", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mnzq3qks772t", "content": "CVE-2026-49875: Apache CXF: XML External Entity (XXE) Injection in W3CMultiSchemaFactory and EndpointReferenceUtils", "creation_timestamp": "2026-06-11T17:15:57.338657Z"} 2026-06-11T17:15:57.338657+00:00 https://vulnerability.circl.lu/sighting/10eadd50-2caa-4e11-927d-184beb938192/export 10eadd50-2caa-4e11-927d-184beb938192 2026-06-24T05:17:47.492312+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "10eadd50-2caa-4e11-927d-184beb938192", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49875", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3modpy476mu2v", "content": "\ud83d\udea8 CRITICAL ALERT: CVE-2026-49875\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nApache CXF's EndpointReferenceUtils and W3CMultiSchemaFactory classes construct a SAXParserFactory without the necessary JAXP hardening configurations, enabling out-of-band (OOB) \nexternal entity resolution.\u00a0Users are recommended to upgrad", "creation_timestamp": "2026-06-15T16:40:32.796970Z"} 2026-06-15T16:40:32.796970+00:00 https://vulnerability.circl.lu/sighting/654522ea-c085-46b4-969a-3b914614ca83/export 654522ea-c085-46b4-969a-3b914614ca83 2026-06-24T05:17:47.492244+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "654522ea-c085-46b4-969a-3b914614ca83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49871", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3monnobmqmq2v", "content": "CVE-2026-49871: Apache APISIX: cas-auth login CSRF / session injection issue", "creation_timestamp": "2026-06-19T15:25:52.809042Z"} 2026-06-19T15:25:52.809042+00:00 https://vulnerability.circl.lu/sighting/ddcace2a-70b4-4c0c-8d44-5b0c57995bb2/export ddcace2a-70b4-4c0c-8d44-5b0c57995bb2 2026-06-24T05:17:47.492157+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "ddcace2a-70b4-4c0c-8d44-5b0c57995bb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49872", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3monocokqpd2x", "content": "CVE-2026-49872: Apache APISIX: Improper authentication in cas-auth plugin", "creation_timestamp": "2026-06-19T15:37:17.406858Z"} 2026-06-19T15:37:17.406858+00:00 https://vulnerability.circl.lu/sighting/3d5f934a-b981-4ec8-af2c-9edbc2dcd5b1/export 3d5f934a-b981-4ec8-af2c-9edbc2dcd5b1 2026-06-24T05:17:47.490092+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "3d5f934a-b981-4ec8-af2c-9edbc2dcd5b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49871", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116781763259383270", "content": "A lot of offensive activities were identified targeting Apache APISIX (CVE-2026-49871) https://vuldb.com/vuln/372401/cti", "creation_timestamp": "2026-06-20T09:38:14.531453Z"} 2026-06-20T09:38:14.531453+00:00