<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-03T11:54:04.078047+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3e4214c3-4c1f-4e56-ba6f-898271516e81/export</id>
    <title>3e4214c3-4c1f-4e56-ba6f-898271516e81</title>
    <updated>2026-07-03T11:54:04.095643+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3e4214c3-4c1f-4e56-ba6f-898271516e81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49953", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moe63cswrv2m", "content": "CVE-2026-49953 - Discuz! X5.0 CAPTCHA Bypass via Predictable Character Set\nCVE ID : CVE-2026-49953\n \n Published : June 15, 2026, 6:45 p.m. | 56\u00a0minutes ago\n \n Description : Discuz! X5.0 releases 20260320 through 20260501 contains a CAPTCHA bypass vulnerability that allows unau...", "creation_timestamp": "2026-06-15T20:52:52.786515Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3e4214c3-4c1f-4e56-ba6f-898271516e81/export"/>
    <published>2026-06-15T20:52:52.786515+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/4607a7ac-6853-4c8a-914b-dde002107dec/export</id>
    <title>4607a7ac-6853-4c8a-914b-dde002107dec</title>
    <updated>2026-07-03T11:54:04.097702+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "4607a7ac-6853-4c8a-914b-dde002107dec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49952", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moe5sedrap22", "content": "CVE-2026-49952 - Discuz! X5.0 Authentication Bypass via dbbak.php Encryption Oracle\nCVE ID : CVE-2026-49952\n \n Published : June 15, 2026, 6:43 p.m. | 58\u00a0minutes ago\n \n Description : Discuz! X5.0 releases 20260320 through 20260501 contains an authentication bypass vulnerability...", "creation_timestamp": "2026-06-15T20:47:52.368807Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/4607a7ac-6853-4c8a-914b-dde002107dec/export"/>
    <published>2026-06-15T20:47:52.368807+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d9951a54-d7cf-4cc3-a694-a60d8c8edff4/export</id>
    <title>d9951a54-d7cf-4cc3-a694-a60d8c8edff4</title>
    <updated>2026-07-03T11:54:04.097879+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d9951a54-d7cf-4cc3-a694-a60d8c8edff4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49954", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moe5jfvgvz2a", "content": "CVE-2026-49954 - Discuz! X5.0 Local File Inclusion via enable_disable.php Plugin Directory\nCVE ID : CVE-2026-49954\n \n Published : June 15, 2026, 6:50 p.m. | 52\u00a0minutes ago\n \n Description : Discuz! X5.0 releases 20260320 through 20260501 contain a local file inclusion vulnerabi...", "creation_timestamp": "2026-06-15T20:42:52.208803Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d9951a54-d7cf-4cc3-a694-a60d8c8edff4/export"/>
    <published>2026-06-15T20:42:52.208803+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/fa7d6474-22cc-4abc-bf75-9798e94d6d9a/export</id>
    <title>fa7d6474-22cc-4abc-bf75-9798e94d6d9a</title>
    <updated>2026-07-03T11:54:04.098031+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "fa7d6474-22cc-4abc-bf75-9798e94d6d9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49952", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3moe4bl2zhh2j", "content": "\ud83d\udea8 CRITICAL ALERT: CVE-2026-49952\n\nCVSS 9.1/10\n\n\ud83d\udccb WHAT IT IS:\nDiscuz! X5.0 releases 20260320 through 20260501 contains an authentication bypass vulnerability that allows unauthenticated remote attackers to gain unauthorized access to database backup and restore functionality by exploiting a shared cr", "creation_timestamp": "2026-06-15T20:20:35.420220Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/fa7d6474-22cc-4abc-bf75-9798e94d6d9a/export"/>
    <published>2026-06-15T20:20:35.420220+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/89985b9f-d6fe-4c92-aa7a-dc825af32a2b/export</id>
    <title>89985b9f-d6fe-4c92-aa7a-dc825af32a2b</title>
    <updated>2026-07-03T11:54:04.098160+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "89985b9f-d6fe-4c92-aa7a-dc825af32a2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49955", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnuqb4o7py2v", "content": "CVE-2026-49955 - Hermes WebUI\nCVE ID : CVE-2026-49955\n \n Published : June 9, 2026, 4:05 p.m. | 31\u00a0minutes ago\n \n Description : Hermes WebUI before version 0.51.270 contains a resource exhaustion vulnerability that allows unauthenticated remote attackers to degrade service avai...", "creation_timestamp": "2026-06-09T17:35:53.074462Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/89985b9f-d6fe-4c92-aa7a-dc825af32a2b/export"/>
    <published>2026-06-09T17:35:53.074462+00:00</published>
  </entry>
</feed>
