https://vulnerability.circl.lu/sightings/feed 2026-06-21T17:11:54.487744+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/8eddcad0-bd8f-46d7-976f-0cf6ccd4c9d8/export 2026-06-21T17:11:54.501778+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "8eddcad0-bd8f-46d7-976f-0cf6ccd4c9d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54412", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mobl44ylsv2f", "content": "CVE-2026-54412 - MQTT-C Heap Out-of-Bounds Read and Integer Underflow\nCVE ID : CVE-2026-54412\n \n Published : June 14, 2026, 6:17 p.m. | 1\u00a0hour, 24\u00a0minutes ago\n \n Description : LiamBindle MQTT-C through version 1.1.6 contains a heap-based out-of-bounds read and integer underflo...", "creation_timestamp": "2026-06-14T20:07:59.846706Z"} 2026-06-14T20:07:59.846706+00:00 https://vulnerability.circl.lu/sighting/961dc509-0a23-4b03-99bf-e089214039c7/export 2026-06-21T17:11:54.501660+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "961dc509-0a23-4b03-99bf-e089214039c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54412", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moby5ha7xq2w", "content": "\ud83d\udfe0 CVE-2026-54412 - High (8.2)\n\nLiamBindle MQTT-C through version 1.1.6 contains a heap-based out-of-bounds read and integer unde...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-54412/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-15T00:01:24.148976Z"} 2026-06-15T00:01:24.148976+00:00 https://vulnerability.circl.lu/sighting/776371f4-fdcc-4eff-8a75-e9e6520ef68e/export 2026-06-21T17:11:54.501558+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "776371f4-fdcc-4eff-8a75-e9e6520ef68e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54413", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moby5oh7p32e", "content": "\ud83d\udfe0 CVE-2026-54413 - High (8.2)\n\ndriftregion iso14229 through 0.9.0 contains an integer underflow and downstream out-of-bounds rea...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-54413/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-15T00:01:31.156826Z"} 2026-06-15T00:01:31.156826+00:00 https://vulnerability.circl.lu/sighting/18b838e2-3994-4ea1-afcb-89e5891e0618/export 2026-06-21T17:11:54.501453+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "18b838e2-3994-4ea1-afcb-89e5891e0618", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54411", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116754190976961198", "content": "Our CTI team identified a lot of activities targeting Linux-PAM (CVE-2026-54411) https://vuldb.com/vuln/370870/cti", "creation_timestamp": "2026-06-15T12:46:17.570634Z"} 2026-06-15T12:46:17.570634+00:00 https://vulnerability.circl.lu/sighting/9adde229-2833-4dd0-950c-55cdc71b8a7f/export 2026-06-21T17:11:54.501350+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "9adde229-2833-4dd0-950c-55cdc71b8a7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54415", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moiv74u5gc2t", "content": "CVE-2026-54415 - Broken Access Control in Azuriom CMS Server Routes Allows Account Takeover\nCVE ID : CVE-2026-54415\n \n Published : June 17, 2026, 2:04 p.m. | 3\u00a0hours, 4\u00a0minutes ago\n \n Description : Missing Authorization in the server management routes (routes/admin.php) in Azu...", "creation_timestamp": "2026-06-17T17:57:16.146591Z"} 2026-06-17T17:57:16.146591+00:00 https://vulnerability.circl.lu/sighting/f618af83-32a7-4b1a-9a7d-7cd07e59172b/export 2026-06-21T17:11:54.501249+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "f618af83-32a7-4b1a-9a7d-7cd07e59172b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54415", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3moks6clrea23", "content": "CVE-2026-54415 - Missing Authorization in Azuriom CMS. Authenticated admin can create server tokens, take over user accounts via API. CVSS 8.1. No patch yet. Disable AzLink endpoints until update. #CVE #Azuriom #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-54415/", "creation_timestamp": "2026-06-18T12:08:27.593530Z"} 2026-06-18T12:08:27.593530+00:00 https://vulnerability.circl.lu/sighting/739d1dfa-a722-4880-8048-dae8aad61c28/export 2026-06-21T17:11:54.501125+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "739d1dfa-a722-4880-8048-dae8aad61c28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54419", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mokt35ifeb2z", "content": "CVE-2026-54419 - PIAF-HMS multiple unauthenticated SQL injection vulnerabilities via mysql_query\nCVE ID : CVE-2026-54419\n \n Published : June 18, 2026, 10:21 a.m. | 1\u00a0hour, 14\u00a0minutes ago\n \n Description : claudiopizzillo PIAF-HMS (PBX-In-A-Flash Hotel Management System; no rele...", "creation_timestamp": "2026-06-18T12:24:39.032738Z"} 2026-06-18T12:24:39.032738+00:00 https://vulnerability.circl.lu/sighting/230f29ac-c970-4104-a5b6-fe152ad9da75/export 2026-06-21T17:11:54.500971+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "230f29ac-c970-4104-a5b6-fe152ad9da75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54414", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3momsieefw62x", "content": "CVE-2026-54414 - FileRise shared-folder upload path traversal allows arbitrary file write and admin takeover\nCVE ID : CVE-2026-54414\n \n Published : June 19, 2026, 5:41 a.m. | 1\u00a0hour, 27\u00a0minutes ago\n \n Description : FileRise before 3.16.0 is vulnerable to path traversal in the ...", "creation_timestamp": "2026-06-19T07:19:23.609204Z"} 2026-06-19T07:19:23.609204+00:00 https://vulnerability.circl.lu/sighting/35880e4d-1461-4441-94d5-0373f2ccd551/export 2026-06-21T17:11:54.500778+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "35880e4d-1461-4441-94d5-0373f2ccd551", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-54414", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116775598633883960", "content": "CVE-2026-54414: Critical path traversal in FileRise <3.16.0 allows attackers with a valid shared-folder upload link to write files outside the intended dir \u2014 can lead to admin takeover & RCE. Patch to 3.16.0+ ASAP. https://radar.offseq.com/threat/cve-2026-54414-cwe-22-improper-limitation-of-a-pat-b161bf82d6c29f3c #OffSeq #vuln #FileRise", "creation_timestamp": "2026-06-19T07:30:28.372134Z"} 2026-06-19T07:30:28.372134+00:00 https://vulnerability.circl.lu/sighting/ff373e0d-1eed-4e63-9c7d-beb294bace33/export 2026-06-21T17:11:54.498935+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "ff373e0d-1eed-4e63-9c7d-beb294bace33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-54414", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3momt47f4ci2f", "content": "Critical path traversal in FileRise <3.16.0 (CVE-2026-54414): attackers with upload-enabled links can overwrite files, risking admin takeover/RCE. Update to 3.16.0+ now. \ud83d\udd12 https://radar.offseq.com/threat/cve-2026-54414-cwe-22-improper-limitation-of-a-pat-b161bf82d6c29f3c #OffSeq #FileRise #infosec", "creation_timestamp": "2026-06-19T07:30:30.188873Z"} 2026-06-19T07:30:30.188873+00:00