<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-12T19:31:41.970683+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/916eb27d-ceed-4277-8f6d-1472b08f32c6/export</id>
    <title>916eb27d-ceed-4277-8f6d-1472b08f32c6</title>
    <updated>2026-07-12T19:31:41.993985+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "916eb27d-ceed-4277-8f6d-1472b08f32c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57807", "type": "seen", "source": "https://bsky.app/profile/donwebmedia.bsky.social/post/3mqginknoyn22", "content": "CVE-2026-57807: Bypass total en plugin OAuth de WordPress\n\n#cve202657807 #miniorangeoauth #wordpresssso #bypassautenticacion #seguridadwordpress", "creation_timestamp": "2026-07-12T05:57:45.926871Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/916eb27d-ceed-4277-8f6d-1472b08f32c6/export"/>
    <published>2026-07-12T05:57:45.926871+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3f69f339-da84-49f3-a516-e5bbf59e83f4/export</id>
    <title>3f69f339-da84-49f3-a516-e5bbf59e83f4</title>
    <updated>2026-07-12T19:31:41.997501+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3f69f339-da84-49f3-a516-e5bbf59e83f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57807", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mqgfl4ieaj2e", "content": "Daily IT Security Digest \u2014 2026-07-12\nsystems.\nSources: [The Hacker Wire](https://www.thehackerwire.com/vulnerability/CVE-2026-61444/)\n\n## 6. miniOrange OAuth SSO: Critical Auth Bypass \u2014 CVE-2026-57807\nA CRITICAL authentication bypass vulnerability (CVE-2026-57807) exists in miniOrange OAuth SSO", "creation_timestamp": "2026-07-12T05:02:41.977829Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3f69f339-da84-49f3-a516-e5bbf59e83f4/export"/>
    <published>2026-07-12T05:02:41.977829+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d1bd056c-5392-46f5-83c9-ea2e583ec713/export</id>
    <title>d1bd056c-5392-46f5-83c9-ea2e583ec713</title>
    <updated>2026-07-12T19:31:41.997662+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d1bd056c-5392-46f5-83c9-ea2e583ec713", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-57807", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqdobmy6nq2d", "content": "miniOrange OAuth SSO (&amp;lt;=38.5.8) is affected by CRITICAL CVE-2026-57807: authentication bypass via password recovery. No patch \u2014 watch for updates and secure affected systems. https://radar.offseq.com/threat/cve-2026-57807-cwe-288-authentication-bypass-using-85e6dbb16ac48da8 #OffSeq #OAuth #Vulner...", "creation_timestamp": "2026-07-11T03:00:28.627120Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d1bd056c-5392-46f5-83c9-ea2e583ec713/export"/>
    <published>2026-07-11T03:00:28.627120+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6520bdb9-8fcc-4cb2-a602-466bc3e9031a/export</id>
    <title>6520bdb9-8fcc-4cb2-a602-466bc3e9031a</title>
    <updated>2026-07-12T19:31:41.997775+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6520bdb9-8fcc-4cb2-a602-466bc3e9031a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-57807", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116899107707038521", "content": "CVE-2026-57807 | CRITICAL auth bypass in miniOrange OAuth SSO (&amp;lt;=38.5.8). Exploit via password recovery threatens full compromise. No patch yet \u2014 monitor for vendor updates. https://radar.offseq.com/threat/cve-2026-57807-cwe-288-authentication-bypass-using-85e6dbb16ac48da8 #OffSeq #CVE202657807 #OAuth #Security", "creation_timestamp": "2026-07-11T03:00:26.831919Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6520bdb9-8fcc-4cb2-a602-466bc3e9031a/export"/>
    <published>2026-07-11T03:00:26.831919+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/5db1ac1b-5fd3-4823-a374-673ddf3b3e25/export</id>
    <title>5db1ac1b-5fd3-4823-a374-673ddf3b3e25</title>
    <updated>2026-07-12T19:31:41.997878+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "5db1ac1b-5fd3-4823-a374-673ddf3b3e25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57807", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdmq2jue32e", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-57807 \u0432 miniOrange: \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u0430\u043b\u044c\u0442\u0435\u0440\u043d\u0430\u0442\u0438\u0432\u043d\u044b\u0439 \u043a\u0430\u043d\u0430\u043b\n\n\n\nhttps://kripta.biz/posts/6228B95A-3683-4D68-A0DF-456519ACB9CF", "creation_timestamp": "2026-07-11T02:32:44.578138Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/5db1ac1b-5fd3-4823-a374-673ddf3b3e25/export"/>
    <published>2026-07-11T02:32:44.578138+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6ae77f09-571f-490a-89c7-0bc64d17c3be/export</id>
    <title>6ae77f09-571f-490a-89c7-0bc64d17c3be</title>
    <updated>2026-07-12T19:31:41.997976+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6ae77f09-571f-490a-89c7-0bc64d17c3be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57807", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqdbxlqail22", "content": "CVE-2026-57807 - oauth single sign on - sso (oauth client)\nA security issue in miniOrange's OAuth Single Sign On (SSO) software allows attackers to bypass authentication using an alternative method. This affects all versions\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-10T23:20:06.351104Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6ae77f09-571f-490a-89c7-0bc64d17c3be/export"/>
    <published>2026-07-10T23:20:06.351104+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/2dd5ca91-708d-4575-938d-7595ebe21d36/export</id>
    <title>2dd5ca91-708d-4575-938d-7595ebe21d36</title>
    <updated>2026-07-12T19:31:41.998075+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "2dd5ca91-708d-4575-938d-7595ebe21d36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57807", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqd5js45ha2w", "content": "\ud83d\udd34 CVE-2026-57807 - Critical (9.8)\n\nAuthentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Security Sof...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-57807/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-10T22:00:48.866242Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/2dd5ca91-708d-4575-938d-7595ebe21d36/export"/>
    <published>2026-07-10T22:00:48.866242+00:00</published>
  </entry>
</feed>
