https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-06-22T16:15:12.679579+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/d5989e94-63c4-4be6-b8db-574531e2f345/exportd5989e94-63c4-4be6-b8db-574531e2f3452026-06-22T16:15:13.062529+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "d5989e94-63c4-4be6-b8db-574531e2f345", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-8157", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mouej4ydjs2l", "content": "Vitepos <3.4.2 HIGH severity vuln (CVE-2026-8157): Auth users with custom roles can escalate to admin via REST API. Restrict endpoint access & watch for vendor updates. https://radar.offseq.com/threat/cve-2026-8157-cwe-269-improper-privilege-managemen-ad086b248eb210ce #OffSeq #WordPress #Security", "creation_timestamp": "2026-06-22T07:30:35.025842Z"}2026-06-22T07:30:35.025842+00:00https://vulnerability.circl.lu/sighting/3c2472b2-bfcb-487e-a8d8-afa38af38723/export3c2472b2-bfcb-487e-a8d8-afa38af387232026-06-22T16:15:13.062349+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "3c2472b2-bfcb-487e-a8d8-afa38af38723", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-8157", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116792585922539614", "content": "Vitepos WordPress plugin <3.4.2 has a HIGH severity privilege escalation vuln (CVE-2026-8157). Auth users with custom Vitepos roles can become admins via REST API. Restrict API access & monitor for patches. https://radar.offseq.com/threat/cve-2026-8157-cwe-269-improper-privilege-managemen-ad086b248eb210ce #OffSeq #WordPress #CVE20268157 #Infosec", "creation_timestamp": "2026-06-22T07:30:35.542089Z"}2026-06-22T07:30:35.542089+00:00https://vulnerability.circl.lu/sighting/f38d98af-f8f4-4f79-a4a8-e59cf0955047/exportf38d98af-f8f4-4f79-a4a8-e59cf09550472026-06-22T16:15:13.058172+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "f38d98af-f8f4-4f79-a4a8-e59cf0955047", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8157", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mougxkmsvw2y", "content": "CVE-2026-8157 - Vitepos\nCVE ID : CVE-2026-8157\n \n Published : June 22, 2026, 6 a.m. | 1\u00a0hour, 43\u00a0minutes ago\n \n Description : The Vitepos WordPress plugin before 3.4.2 does not properly restrict the roles that can be assigned when creating new users via one of its REST API end...", "creation_timestamp": "2026-06-22T08:14:26.442137Z"}2026-06-22T08:14:26.442137+00:00