<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-02T20:55:06.877917+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/9a000047-69b7-4511-ab84-009502628ccd/export</id>
    <title>9a000047-69b7-4511-ab84-009502628ccd</title>
    <updated>2026-07-02T20:55:06.902972+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "9a000047-69b7-4511-ab84-009502628ccd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58449", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mpovld6x432e", "content": "CVE-2026-58449\ntxtai versions 9.10.0 and earlier have a security risk if you're using an unauthenticated API and allowing remote index updates. A malicious user could potentially execute code on your server when reindexing.\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-02T20:45:15.884455Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/9a000047-69b7-4511-ab84-009502628ccd/export"/>
    <published>2026-07-02T20:45:15.884455+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f232b7ac-9f5c-462f-a6e9-2d3cdb668679/export</id>
    <title>f232b7ac-9f5c-462f-a6e9-2d3cdb668679</title>
    <updated>2026-07-02T20:55:06.906579+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f232b7ac-9f5c-462f-a6e9-2d3cdb668679", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58449", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpk2bvcfe326", "content": "CVE-2026-58449 - txtai - Unauthenticated Remote Code Execution via Unsafe Reflection in API /reindex function Parameter\nCVE ID : CVE-2026-58449\n \n Published : June 30, 2026, 9:06 p.m. | 39\u00a0minutes ago\n \n Description : txtai through 9.10.0, fixed in commit 11b32da, exposes an A...", "creation_timestamp": "2026-06-30T22:26:10.716143Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f232b7ac-9f5c-462f-a6e9-2d3cdb668679/export"/>
    <published>2026-06-30T22:26:10.716143+00:00</published>
  </entry>
</feed>
