<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-01T18:42:54.993334+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/679728c0-95a0-441a-8d32-d8e01eb07a79/export</id>
    <title>679728c0-95a0-441a-8d32-d8e01eb07a79</title>
    <updated>2026-07-01T18:42:55.015388+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "679728c0-95a0-441a-8d32-d8e01eb07a79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54266", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpllj774tz2l", "content": "\ud83d\udccc CVE-2026-54266 - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 2... https://www.cyberhub.blog/cves/CVE-2026-54266", "creation_timestamp": "2026-07-01T13:07:07.784485Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/679728c0-95a0-441a-8d32-d8e01eb07a79/export"/>
    <published>2026-07-01T13:07:07.784485+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c8e5c297-d7b8-416e-a973-dc1e8fd22f5e/export</id>
    <title>c8e5c297-d7b8-416e-a973-dc1e8fd22f5e</title>
    <updated>2026-07-01T18:42:55.017913+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c8e5c297-d7b8-416e-a973-dc1e8fd22f5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54268", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mow3ikyahx2q", "content": "CVE-2026-54268 - Angular: Denial of Service (DoS) via OOM in Date Formatting (formatDate)\nCVE ID : CVE-2026-54268\n \n Published : June 22, 2026, 3:31 p.m. | 7\u00a0hours, 38\u00a0minutes ago\n \n Description : Angular is a development platform for building mobile and desktop web applicatio...", "creation_timestamp": "2026-06-22T23:54:31.830266Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c8e5c297-d7b8-416e-a973-dc1e8fd22f5e/export"/>
    <published>2026-06-22T23:54:31.830266+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/0250e9e3-1755-458e-9575-2886786c0686/export</id>
    <title>0250e9e3-1755-458e-9575-2886786c0686</title>
    <updated>2026-07-01T18:42:55.018176+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "0250e9e3-1755-458e-9575-2886786c0686", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54264", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mow2atv7uv2q", "content": "CVE-2026-54264 - Angular: Sensitive Header Leakage on Cross-Origin Redirects in Angular Service Worker\nCVE ID : CVE-2026-54264\n \n Published : June 22, 2026, 3:32 p.m. | 7\u00a0hours, 37\u00a0minutes ago\n \n Description : Angular is a development platform for building mobile and desktop w...", "creation_timestamp": "2026-06-22T23:32:18.671082Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/0250e9e3-1755-458e-9575-2886786c0686/export"/>
    <published>2026-06-22T23:32:18.671082+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/01cf028d-b1e8-47cc-b826-78e536959261/export</id>
    <title>01cf028d-b1e8-47cc-b826-78e536959261</title>
    <updated>2026-07-01T18:42:55.018379+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "01cf028d-b1e8-47cc-b826-78e536959261", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/31ec02fb-65ac-46a6-a0c0-f704604579d7", "content": "", "creation_timestamp": "2026-06-19T12:45:33.157087Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/01cf028d-b1e8-47cc-b826-78e536959261/export"/>
    <published>2026-06-19T12:45:33.157087+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c9043b24-aea6-4fa2-b5db-7ee7aedd69ca/export</id>
    <title>c9043b24-aea6-4fa2-b5db-7ee7aedd69ca</title>
    <updated>2026-07-01T18:42:55.018573+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c9043b24-aea6-4fa2-b5db-7ee7aedd69ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://bsky.app/profile/technoholic.bsky.social/post/3mmzowr45uv2z", "content": "A high-severity flaw (CVE-2026-5426, CVSS 7.5) in Japan's Digital Knowledge KnowledgeDeliver LMS was exploited as a zero-day to deploy a Godzilla web shell and Cobalt Strike. Now patched.", "creation_timestamp": "2026-05-29T23:30:05.279524Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c9043b24-aea6-4fa2-b5db-7ee7aedd69ca/export"/>
    <published>2026-05-29T23:30:05.279524+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/49177872-221c-4d04-84fa-9190a4c57559/export</id>
    <title>49177872-221c-4d04-84fa-9190a4c57559</title>
    <updated>2026-07-01T18:42:55.018759+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "49177872-221c-4d04-84fa-9190a4c57559", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://bsky.app/profile/newstecnicas.com/post/3mmywkdlvkc27", "content": "\ud83d\udea8 Alerta de #Ciberseguridad: Explotaci\u00f3n Zero-Day CVE-2026-5426 en LMS \"KnowledgeDeliver\" www.newstecnicas.com/2026/05/aler...", "creation_timestamp": "2026-05-29T16:13:41.839400Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/49177872-221c-4d04-84fa-9190a4c57559/export"/>
    <published>2026-05-29T16:13:41.839400+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d47dc552-4bdc-4f31-8b24-23e8a1ce21fa/export</id>
    <title>d47dc552-4bdc-4f31-8b24-23e8a1ce21fa</title>
    <updated>2026-07-01T18:42:55.018935+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d47dc552-4bdc-4f31-8b24-23e8a1ce21fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "Telegram/IqAYll4ZzjxpeZQ_8CUvuT_fob3B5lJjEUBfv2EUXY56hck", "content": "", "creation_timestamp": "2026-05-27T21:12:27.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d47dc552-4bdc-4f31-8b24-23e8a1ce21fa/export"/>
    <published>2026-05-27T21:12:27+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/021f9c9b-f2db-44bb-ba8e-1d26ee24f63a/export</id>
    <title>021f9c9b-f2db-44bb-ba8e-1d26ee24f63a</title>
    <updated>2026-07-01T18:42:55.019114+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "021f9c9b-f2db-44bb-ba8e-1d26ee24f63a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://bsky.app/profile/Mozilla.activitypub.awakari.com.ap.brid.gy/post/3mmu7muiluxh2", "content": "\ud83d\udea9 Critical KnowledgeDeliver RCE (CVE-2026-5426) abused via shared ASP.NET machine keys to deliver web shells and Cobalt Strike KnowledgeDeliver exploit (CVE-2026-5426) enables RCE via ViewState ...\n\n#TIGR #malware #vulnerability\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-27T19:12:55.396158Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/021f9c9b-f2db-44bb-ba8e-1d26ee24f63a/export"/>
    <published>2026-05-27T19:12:55.396158+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/46c0336c-5678-4faf-9289-c3a763c2be79/export</id>
    <title>46c0336c-5678-4faf-9289-c3a763c2be79</title>
    <updated>2026-07-01T18:42:55.019299+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "46c0336c-5678-4faf-9289-c3a763c2be79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://bsky.app/profile/nuke86.rfeed.it/post/3mmtcnajjkr24", "content": "CVE-2026-5426: zero-day in KnowledgeDeliver LMS sfruttato per distribuire BLUEBEAM e Cobalt Strike BEACON\nil blog: insicurezzadigitale.com/cve-2026-542...\n\n#cybersecurity #apt #backdoor #cobaltstrike #infosec #malware #zeroday", "creation_timestamp": "2026-05-27T10:34:06.319794Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/46c0336c-5678-4faf-9289-c3a763c2be79/export"/>
    <published>2026-05-27T10:34:06.319794+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/de1c8b31-7a9b-414e-a2a1-c47de03eaf5f/export</id>
    <title>de1c8b31-7a9b-414e-a2a1-c47de03eaf5f</title>
    <updated>2026-07-01T18:42:55.019487+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "de1c8b31-7a9b-414e-a2a1-c47de03eaf5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://bsky.app/profile/cybersecurity.poliverso.org.ap.brid.gy/post/3mmszuhdmsjq2", "content": "# **CVE-2026-5426: zero-day in KnowledgeDeliver LMS sfruttato per distribuire BLUEBEAM e Cobalt Strike BEACON**\n\n\n@informatica\nMandiant ha pubblicato i dettagli dell'exploitation attiva di CVE-2026-5426, zero-day nel LMS KnowledgeDeliver causato da chiavi ASP.NET machineKey hardcoded e condivise [\u2026]", "creation_timestamp": "2026-05-27T07:57:03.424559Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/de1c8b31-7a9b-414e-a2a1-c47de03eaf5f/export"/>
    <published>2026-05-27T07:57:03.424559+00:00</published>
  </entry>
</feed>
