https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sat, 06 Jun 2026 02:52:36 +0000 https://vulnerability.circl.lu/sighting/b9f811f1-8e8a-43d7-ab51-ba90a980079e/export {"uuid": "b9f811f1-8e8a-43d7-ab51-ba90a980079e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/solarwinds-security-advisory-av26-549", "content": "", "creation_timestamp": "2026-06-04T11:54:48.000000Z"} {"uuid": "b9f811f1-8e8a-43d7-ab51-ba90a980079e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/solarwinds-security-advisory-av26-549", "content": "", "creation_timestamp": "2026-06-04T11:54:48.000000Z"} https://vulnerability.circl.lu/sighting/b9f811f1-8e8a-43d7-ab51-ba90a980079e/export Thu, 04 Jun 2026 11:54:48 +0000 https://vulnerability.circl.lu/sighting/06d0a570-3628-48ba-8bc7-094128fcd6be/export {"uuid": "06d0a570-3628-48ba-8bc7-094128fcd6be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6665471", "content": "2026-06-05: [CVE-2026-28318] SolarWinds Serv-U Uncontrolled Resource Consumption VulnerabilitySolarWinds Serv-U contains an uncontrolled resource consumption vulnerability that allows specially crafted POST requests using the Content-Encoding: deflate header to crash the Serv-U service without authentication.\ncisakev", "creation_timestamp": "2026-06-05T17:46:15.513384Z"} {"uuid": "06d0a570-3628-48ba-8bc7-094128fcd6be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6665471", "content": "2026-06-05: [CVE-2026-28318] SolarWinds Serv-U Uncontrolled Resource Consumption VulnerabilitySolarWinds Serv-U contains an uncontrolled resource consumption vulnerability that allows specially crafted POST requests using the Content-Encoding: deflate header to crash the Serv-U service without authentication.\ncisakev", "creation_timestamp": "2026-06-05T17:46:15.513384Z"} https://vulnerability.circl.lu/sighting/06d0a570-3628-48ba-8bc7-094128fcd6be/export Fri, 05 Jun 2026 17:46:15 +0000 https://vulnerability.circl.lu/sighting/db2110d6-530f-4ff7-bdd7-412c3b1c5b2a/export {"uuid": "db2110d6-530f-4ff7-bdd7-412c3b1c5b2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mnkpelghy22d", "content": "\ud83d\uded1 CVE-2026-28318\nSolarWinds Serv-U\nCVSS 7.5 / EPSS 0% / KEV\nTL;DR: SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U ser\u2026\nhttps://cvesentinel.com/report/CVE-2026-28318?utm_source=bluesky&utm_medium=social&utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-06-05T17:53:06.327922Z"} {"uuid": "db2110d6-530f-4ff7-bdd7-412c3b1c5b2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mnkpelghy22d", "content": "\ud83d\uded1 CVE-2026-28318\nSolarWinds Serv-U\nCVSS 7.5 / EPSS 0% / KEV\nTL;DR: SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U ser\u2026\nhttps://cvesentinel.com/report/CVE-2026-28318?utm_source=bluesky&utm_medium=social&utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-06-05T17:53:06.327922Z"} https://vulnerability.circl.lu/sighting/db2110d6-530f-4ff7-bdd7-412c3b1c5b2a/export Fri, 05 Jun 2026 17:53:06 +0000 https://vulnerability.circl.lu/sighting/33132aac-a004-44e2-98c5-578eaccb5cb6/export {"uuid": "33132aac-a004-44e2-98c5-578eaccb5cb6", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b00d5422-d924-4e37-a319-af4fa11ed523", "content": "", "creation_timestamp": "2026-06-05T18:00:02.558663Z"} {"uuid": "33132aac-a004-44e2-98c5-578eaccb5cb6", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b00d5422-d924-4e37-a319-af4fa11ed523", "content": "", "creation_timestamp": "2026-06-05T18:00:02.558663Z"} https://vulnerability.circl.lu/sighting/33132aac-a004-44e2-98c5-578eaccb5cb6/export Fri, 05 Jun 2026 18:00:02 +0000 https://vulnerability.circl.lu/sighting/e7f74639-711d-4edd-97b1-bf64df0adc2d/export {"uuid": "e7f74639-711d-4edd-97b1-bf64df0adc2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/todb2.hugesuccess.org/post/3mnks2yssm6q2", "content": "w/r/t CVE-2026-28318 - I kinda like the mitigation guidance of \"well just block HTTP clients from sending `Content-encoding: deflate` on POSTs and you're good. Which sounded crazy to me, but is it?\n\nI know POSTs can be compressed, but I'd expect clients to use `gzip` pretty much exclusively. The [\u2026]", "creation_timestamp": "2026-06-05T18:42:19.552052Z"} {"uuid": "e7f74639-711d-4edd-97b1-bf64df0adc2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/todb2.hugesuccess.org/post/3mnks2yssm6q2", "content": "w/r/t CVE-2026-28318 - I kinda like the mitigation guidance of \"well just block HTTP clients from sending `Content-encoding: deflate` on POSTs and you're good. Which sounded crazy to me, but is it?\n\nI know POSTs can be compressed, but I'd expect clients to use `gzip` pretty much exclusively. The [\u2026]", "creation_timestamp": "2026-06-05T18:42:19.552052Z"} https://vulnerability.circl.lu/sighting/e7f74639-711d-4edd-97b1-bf64df0adc2d/export Fri, 05 Jun 2026 18:42:19 +0000 https://vulnerability.circl.lu/sighting/3b7f448d-1160-40e1-bb3d-96ea20a93427/export {"uuid": "3b7f448d-1160-40e1-bb3d-96ea20a93427", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/secdb.bsky.social/post/3mnkt4ofewr2o", "content": "\ud83d\udea8 CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0605)\n\n\u26a0\ufe0f CVE-2026-28318 - SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability\n\n\n#ZEN #SecDB #InfoSec #CISA_KEV", "creation_timestamp": "2026-06-05T19:00:14.048604Z"} {"uuid": "3b7f448d-1160-40e1-bb3d-96ea20a93427", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/secdb.bsky.social/post/3mnkt4ofewr2o", "content": "\ud83d\udea8 CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0605)\n\n\u26a0\ufe0f CVE-2026-28318 - SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability\n\n\n#ZEN #SecDB #InfoSec #CISA_KEV", "creation_timestamp": "2026-06-05T19:00:14.048604Z"} https://vulnerability.circl.lu/sighting/3b7f448d-1160-40e1-bb3d-96ea20a93427/export Fri, 05 Jun 2026 19:00:14 +0000 https://vulnerability.circl.lu/sighting/3c480856-7e03-4888-a18c-cf7d2d1184c9/export {"uuid": "3c480856-7e03-4888-a18c-cf7d2d1184c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mnkwmrimu72n", "content": "~Cisa~\nCISA added SolarWinds Serv-U vulnerability CVE-2026-28318 to its KEV catalog due to active exploitation.\n-\nIOCs: CVE-2026-28318\n-\n#CVE202628318 #SolarWinds #ThreatIntel", "creation_timestamp": "2026-06-05T20:02:55.769813Z"} {"uuid": "3c480856-7e03-4888-a18c-cf7d2d1184c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mnkwmrimu72n", "content": "~Cisa~\nCISA added SolarWinds Serv-U vulnerability CVE-2026-28318 to its KEV catalog due to active exploitation.\n-\nIOCs: CVE-2026-28318\n-\n#CVE202628318 #SolarWinds #ThreatIntel", "creation_timestamp": "2026-06-05T20:02:55.769813Z"} https://vulnerability.circl.lu/sighting/3c480856-7e03-4888-a18c-cf7d2d1184c9/export Fri, 05 Jun 2026 20:02:55 +0000 https://vulnerability.circl.lu/sighting/f83a9a61-4c05-4b65-a84a-78f6d568bd4f/export {"uuid": "f83a9a61-4c05-4b65-a84a-78f6d568bd4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnl2oh32kk2j", "content": "CISA says attackers are exploiting SolarWinds Serv-U CVE-2026-28318 to crash exposed servers via crafted POST requests. SolarWinds has issued Hotfix 1 for the denial-of-service flaw. #SolarWinds #ServU #CISA", "creation_timestamp": "2026-06-05T21:15:26.907444Z"} {"uuid": "f83a9a61-4c05-4b65-a84a-78f6d568bd4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnl2oh32kk2j", "content": "CISA says attackers are exploiting SolarWinds Serv-U CVE-2026-28318 to crash exposed servers via crafted POST requests. SolarWinds has issued Hotfix 1 for the denial-of-service flaw. #SolarWinds #ServU #CISA", "creation_timestamp": "2026-06-05T21:15:26.907444Z"} https://vulnerability.circl.lu/sighting/f83a9a61-4c05-4b65-a84a-78f6d568bd4f/export Fri, 05 Jun 2026 21:15:26 +0000 https://vulnerability.circl.lu/sighting/214979d9-b8b2-4012-8d65-f1232de5fca8/export {"uuid": "214979d9-b8b2-4012-8d65-f1232de5fca8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/cyberlensai.bsky.social/post/3mnli7wttdj22", "content": "CVE watch: CVE-2026-28318: SolarWinds Serv-U \u2014 SolarWinds Serv-U Uncontrolled\u2026\n\nCheck exposure, dependency, and agent/tool access before panic-patching. Inventory beats vibes.\n\nSource: cisa.gov\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2026-28318", "creation_timestamp": "2026-06-06T01:17:52.306365Z"} {"uuid": "214979d9-b8b2-4012-8d65-f1232de5fca8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/cyberlensai.bsky.social/post/3mnli7wttdj22", "content": "CVE watch: CVE-2026-28318: SolarWinds Serv-U \u2014 SolarWinds Serv-U Uncontrolled\u2026\n\nCheck exposure, dependency, and agent/tool access before panic-patching. Inventory beats vibes.\n\nSource: cisa.gov\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2026-28318", "creation_timestamp": "2026-06-06T01:17:52.306365Z"} https://vulnerability.circl.lu/sighting/214979d9-b8b2-4012-8d65-f1232de5fca8/export Sat, 06 Jun 2026 01:17:52 +0000 https://vulnerability.circl.lu/sighting/1711f9c7-5bc2-4c7f-b9a7-c05fac9dbba3/export {"uuid": "1711f9c7-5bc2-4c7f-b9a7-c05fac9dbba3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3mnlkspnd6i2j", "content": "CISA Adds One Known Exploited Vulnerability to Catalog\nCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-28318 SolarWinds Serv-U Uncontrolled\u2026\n\n\ud83d\udd17 https://hnow.live/a/0ddbd4c9", "creation_timestamp": "2026-06-06T02:04:10.004367Z"} {"uuid": "1711f9c7-5bc2-4c7f-b9a7-c05fac9dbba3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3mnlkspnd6i2j", "content": "CISA Adds One Known Exploited Vulnerability to Catalog\nCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-28318 SolarWinds Serv-U Uncontrolled\u2026\n\n\ud83d\udd17 https://hnow.live/a/0ddbd4c9", "creation_timestamp": "2026-06-06T02:04:10.004367Z"} https://vulnerability.circl.lu/sighting/1711f9c7-5bc2-4c7f-b9a7-c05fac9dbba3/export Sat, 06 Jun 2026 02:04:10 +0000