<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-01T18:42:22.295512+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6035a784-afc6-4421-8a67-3735e60bbb1e/export</id>
    <title>6035a784-afc6-4421-8a67-3735e60bbb1e</title>
    <updated>2026-07-01T18:42:22.317936+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6035a784-afc6-4421-8a67-3735e60bbb1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55698", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpl7rokaie2t", "content": "\ud83d\udccc CVE-2026-55698 - pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm can persist package-manager bootstrap metadata in the first YAML document of pnpm-lock.ya... https://www.cyberhub.blog/cves/CVE-2026-55698", "creation_timestamp": "2026-07-01T09:37:06.831693Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6035a784-afc6-4421-8a67-3735e60bbb1e/export"/>
    <published>2026-07-01T09:37:06.831693+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/9ef768bb-052d-4947-90ec-e8d48ded18cf/export</id>
    <title>9ef768bb-052d-4947-90ec-e8d48ded18cf</title>
    <updated>2026-07-01T18:42:22.319592+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "9ef768bb-052d-4947-90ec-e8d48ded18cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55699", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mphlxtdkjh2e", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-55699 \u0432 pnpm: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/06E1F41E-F25F-404C-B910-EF504EE5B879", "creation_timestamp": "2026-06-29T23:04:39.277754Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/9ef768bb-052d-4947-90ec-e8d48ded18cf/export"/>
    <published>2026-06-29T23:04:39.277754+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/398042ed-4c22-40a9-bf0a-667130945bd2/export</id>
    <title>398042ed-4c22-40a9-bf0a-667130945bd2</title>
    <updated>2026-07-01T18:42:22.319726+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cve.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "398042ed-4c22-40a9-bf0a-667130945bd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55697", "type": "published-proof-of-concept", "source": "https://github.com/pnpm/pnpm/security/advisories/GHSA-gj8w-mvpf-x27x", "content": "", "creation_timestamp": "2026-06-27T00:35:14.772825Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/398042ed-4c22-40a9-bf0a-667130945bd2/export"/>
    <published>2026-06-27T00:35:14.772825+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3f1446f7-9dec-4bf6-a43e-a7e710fdf2c7/export</id>
    <title>3f1446f7-9dec-4bf6-a43e-a7e710fdf2c7</title>
    <updated>2026-07-01T18:42:22.320720+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cve.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "3f1446f7-9dec-4bf6-a43e-a7e710fdf2c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55698", "type": "published-proof-of-concept", "source": "https://github.com/pnpm/pnpm/security/advisories/GHSA-w466-c33r-3gjp", "content": "", "creation_timestamp": "2026-06-27T00:35:04.935444Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3f1446f7-9dec-4bf6-a43e-a7e710fdf2c7/export"/>
    <published>2026-06-27T00:35:04.935444+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b5de2697-a990-4803-a788-9224b84a70f5/export</id>
    <title>b5de2697-a990-4803-a788-9224b84a70f5</title>
    <updated>2026-07-01T18:42:22.320837+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cve.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "b5de2697-a990-4803-a788-9224b84a70f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55699", "type": "published-proof-of-concept", "source": "https://github.com/pnpm/pnpm/security/advisories/GHSA-4gxm-v5v7-fqc4", "content": "", "creation_timestamp": "2026-06-27T00:35:02.531262Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b5de2697-a990-4803-a788-9224b84a70f5/export"/>
    <published>2026-06-27T00:35:02.531262+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/cd0fe527-3cc9-4c07-bde5-c1f7ea900cdc/export</id>
    <title>cd0fe527-3cc9-4c07-bde5-c1f7ea900cdc</title>
    <updated>2026-07-01T18:42:22.320940+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "cd0fe527-3cc9-4c07-bde5-c1f7ea900cdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55697", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp4ztxnb3j2o", "content": "CVE-2026-55697 - pnpm: Repository-controlled configDependencies can select a pacquet native install engine\nCVE ID : CVE-2026-55697\n \n Published : June 25, 2026, 4:42 p.m. | 1\u00a0hour, 2\u00a0minutes ago\n \n Description : pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm can ...", "creation_timestamp": "2026-06-25T18:13:44.583844Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/cd0fe527-3cc9-4c07-bde5-c1f7ea900cdc/export"/>
    <published>2026-06-25T18:13:44.583844+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/cec82b24-2be7-4510-90ab-f8fec045f5e3/export</id>
    <title>cec82b24-2be7-4510-90ab-f8fec045f5e3</title>
    <updated>2026-07-01T18:42:22.321040+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "cec82b24-2be7-4510-90ab-f8fec045f5e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55699", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp4z57mqql2z", "content": "CVE-2026-55699 - pnpm: reserved bin name deletes PNPM_HOME during global remove\nCVE ID : CVE-2026-55699\n \n Published : June 25, 2026, 4:44 p.m. | 1\u00a0hour ago\n \n Description : pnpm is a package manager. Prior to 10.34.2 and 11.5.3, Manifest bin object keys such as \"\", \".\", and \"...", "creation_timestamp": "2026-06-25T18:01:01.212593Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/cec82b24-2be7-4510-90ab-f8fec045f5e3/export"/>
    <published>2026-06-25T18:01:01.212593+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/5ab8ecf2-0baf-4c7c-944a-8ab71c7ab766/export</id>
    <title>5ab8ecf2-0baf-4c7c-944a-8ab71c7ab766</title>
    <updated>2026-07-01T18:42:22.321139+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "5ab8ecf2-0baf-4c7c-944a-8ab71c7ab766", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55698", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp4ywb3qok2j", "content": "CVE-2026-55698 - pnpm: Project env lockfile can short-circuit package-manager resolution and execute lockfile-selected pnpm bytes\nCVE ID : CVE-2026-55698\n \n Published : June 25, 2026, 4:43 p.m. | 1\u00a0hour, 1\u00a0minute ago\n \n Description : pnpm is a package manager. Prior to 10.34.2...", "creation_timestamp": "2026-06-25T17:57:07.952042Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/5ab8ecf2-0baf-4c7c-944a-8ab71c7ab766/export"/>
    <published>2026-06-25T17:57:07.952042+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6abdb38b-93d5-493c-94fd-4f56325eb9c4/export</id>
    <title>6abdb38b-93d5-493c-94fd-4f56325eb9c4</title>
    <updated>2026-07-01T18:42:22.321234+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cve.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "6abdb38b-93d5-493c-94fd-4f56325eb9c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55691", "type": "published-proof-of-concept", "source": "https://github.com/StarCitizenWiki/mediawiki-extensions-EmbedVideo/security/advisories/GHSA-7h5p-637f-jfr7", "content": "", "creation_timestamp": "2026-06-19T18:22:24.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6abdb38b-93d5-493c-94fd-4f56325eb9c4/export"/>
    <published>2026-06-19T18:22:24+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ec18caac-d030-4e2f-8fab-789a9ad4c8d1/export</id>
    <title>ec18caac-d030-4e2f-8fab-789a9ad4c8d1</title>
    <updated>2026-07-01T18:42:22.321332+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cve.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "ec18caac-d030-4e2f-8fab-789a9ad4c8d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55692", "type": "published-proof-of-concept", "source": "https://github.com/StarCitizenWiki/mediawiki-extensions-EmbedVideo/security/advisories/GHSA-5c7p-g73q-rpg5", "content": "", "creation_timestamp": "2026-06-19T18:22:09.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ec18caac-d030-4e2f-8fab-789a9ad4c8d1/export"/>
    <published>2026-06-19T18:22:09+00:00</published>
  </entry>
</feed>
