https://vulnerability.circl.lu/sightings/feed 2026-06-29T22:38:59.879629+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/b3f55cc8-d0c9-4bf4-a4ef-fa16c09960b8/export 2026-06-29T22:38:59.898887+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "b3f55cc8-d0c9-4bf4-a4ef-fa16c09960b8", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/587a20e7-a453-432e-a04d-c31630e6139a", "content": "", "creation_timestamp": "2026-06-23T14:02:58.245194Z"} 2026-06-23T14:02:58.245194+00:00 https://vulnerability.circl.lu/sighting/a38e0f06-3d7b-4cb4-b2b6-08421bd4d24b/export 2026-06-29T22:38:59.900536+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "a38e0f06-3d7b-4cb4-b2b6-08421bd4d24b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/insomnisec.bsky.social/post/3movr7puprz2v", "content": "\ud83d\udce1 CVE-2026-5027: Path Traversal in Langflow Enables Unauthenticated File Write and Remote Code Execution", "creation_timestamp": "2026-06-22T20:50:37.398244Z"} 2026-06-22T20:50:37.398244+00:00 https://vulnerability.circl.lu/sighting/9b08616a-2486-463c-b827-b70cc6c2ed65/export 2026-06-29T22:38:59.900679+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "9b08616a-2486-463c-b827-b70cc6c2ed65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/le-fil-ia.bsky.social/post/3mosjxxpznl2r", "content": "7 000 serveurs Langflow attaqu\u00e9s en ce moment, et personne ne regardait de ce c\u00f4t\u00e9.\n\nLa faille (CVE-2026-5027, not\u00e9e 8,8/10) vit dans l'endpoint d'upload de Langflow : le nom de fichier passe sans aucun contr\u00f4le, on peut donc \u00e9crire o\u00f9 on veut sur le\u2026 https://www.lefilia.fr/article/4909059", "creation_timestamp": "2026-06-21T14:03:01.660624Z"} 2026-06-21T14:03:01.660624+00:00 https://vulnerability.circl.lu/sighting/64e3d602-58d8-4abd-9cfc-c734c536ab76/export 2026-06-29T22:38:59.900791+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "64e3d602-58d8-4abd-9cfc-c734c536ab76", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/c9f28bbb-c45e-4141-9a6c-89427b27dbd7", "content": "", "creation_timestamp": "2026-06-19T12:45:07.467664Z"} 2026-06-19T12:45:07.467664+00:00 https://vulnerability.circl.lu/sighting/fe80df3a-dda9-4a84-b764-90ab2a9b5bb5/export 2026-06-29T22:38:59.900888+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "fe80df3a-dda9-4a84-b764-90ab2a9b5bb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/deafnews-auto.bsky.social/post/3mo6qibtnji2o", "content": "Langflow CVE-2026-5027: RCE Under Active Exploitation with 7,000 Instances Exposed", "creation_timestamp": "2026-06-13T17:06:17.248066Z"} 2026-06-13T17:06:17.248066+00:00 https://vulnerability.circl.lu/sighting/6e6f3d36-8f00-4153-826a-491c40650e59/export 2026-06-29T22:38:59.900989+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "6e6f3d36-8f00-4153-826a-491c40650e59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mo2p4bqw6b2l", "content": "Top 3 CVE for last 7 days:\nCVE-2026-35273: 33 interactions\nCVE-2026-11645: 27 interactions\nCVE-2025-10263: 25 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-35273: 33 interactions\nCVE-2026-5027: 14 interactions\nCVE-2026-40992: 7 interactions\n", "creation_timestamp": "2026-06-12T02:31:02.282841Z"} 2026-06-12T02:31:02.282841+00:00 https://vulnerability.circl.lu/sighting/f08da765-fec6-4e45-ab2d-c3dd13fb6b10/export 2026-06-29T22:38:59.901089+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "f08da765-fec6-4e45-ab2d-c3dd13fb6b10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mo2cklxg2s2h", "content": "Path traversal flaw in AI dev platform Langflow exploited in attacks\n\nAttackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform Langflow, to write arbitrary files on exposed servers. [...]\n#hackernews #news", "creation_timestamp": "2026-06-11T22:46:24.188375Z"} 2026-06-11T22:46:24.188375+00:00 https://vulnerability.circl.lu/sighting/7586e0ce-a86a-4b50-bf0b-188c83438f18/export 2026-06-29T22:38:59.901186+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "7586e0ce-a86a-4b50-bf0b-188c83438f18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnzzaqe4v22y", "content": "Silent Intrusion in the AI Stack: Langflow Exploit CVE-2026-5027 Opens Path to Full Remote Code Execution +\u00a0Video\n\nIntroduction: When AI Development Tools Become the Weakest Link The rapid rise of low-code AI platforms has transformed how organizations build and deploy machine learning\u2026", "creation_timestamp": "2026-06-11T19:59:49.353478Z"} 2026-06-11T19:59:49.353478+00:00 https://vulnerability.circl.lu/sighting/0734283f-d82a-43fc-b915-71c04d5ac017/export 2026-06-29T22:38:59.901286+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "0734283f-d82a-43fc-b915-71c04d5ac017", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mnzz6gbjeh2j", "content": "Langflow's CVE-2026-5027 is under active exploitation. Immediate action is needed to secure systems. #Langflow #CVE20265027 #CyberSecurity #AI #OpenSource #SecurityFlaw thedailytechfeed.com/critical-lan...", "creation_timestamp": "2026-06-11T19:58:31.136002Z"} 2026-06-11T19:58:31.136002+00:00 https://vulnerability.circl.lu/sighting/496acb72-d3d1-4a6c-9817-c1aa4959ced5/export 2026-06-29T22:38:59.901385+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "496acb72-d3d1-4a6c-9817-c1aa4959ced5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/hakksaww.bsky.social/post/3mnzuquhkpk2m", "content": "CVE-2026-5027, Langflow: we've tracked it as a serial unauth-RCE target since March 21 and had six exploiter IPs indexed in April. New PoC June 11 \u2014 Iran's MuddyWater already weaponized one. And CVE-2026-50751, Check Point IKE: we flagged Qilin burning that edge door June 9, PoC June 10.", "creation_timestamp": "2026-06-11T18:39:21.825456Z"} 2026-06-11T18:39:21.825456+00:00