https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 02 Jun 2026 07:40:45 +0000 https://vulnerability.circl.lu/sighting/1a1a5fc0-864d-4655-9cd0-418cd9b29b09/export {"uuid": "1a1a5fc0-864d-4655-9cd0-418cd9b29b09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34197", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mkgzljmjvd2z", "content": "", "creation_timestamp": "2026-04-27T02:29:40.886409Z"} {"uuid": "1a1a5fc0-864d-4655-9cd0-418cd9b29b09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34197", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mkgzljmjvd2z", "content": "", "creation_timestamp": "2026-04-27T02:29:40.886409Z"} https://vulnerability.circl.lu/sighting/1a1a5fc0-864d-4655-9cd0-418cd9b29b09/export Mon, 27 Apr 2026 02:29:40 +0000 https://vulnerability.circl.lu/sighting/a82b8481-2232-455f-9193-26fa570063ee/export {"uuid": "a82b8481-2232-455f-9193-26fa570063ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34197", "type": "seen", "source": "https://bsky.app/profile/cesnet-certs.mastodonczech.cz.ap.brid.gy/post/3mkqjxoulnhd2", "content": "[[TLP:CLEAR] Apache ActiveMQ opravuje 4 zranitelnosti]\n\nApache Software Foundation verzemi 5.19.5 a 6.2.4 opravuje 4 zranitelnosti v produktech Apache ActiveMQ (Classic, All, Broker, Client, MQTT) \u2b07\ufe0f. Nejz\u00e1va\u017en\u011bj\u0161\u00ed z nich jsou pops\u00e1ny n\u00ed\u017ee, p\u0159i\u010dem\u017e zranitelnost CVE-2026-34197 je ji\u017e aktivn\u011b [\u2026]", "creation_timestamp": "2026-04-30T21:16:52.035083Z"} {"uuid": "a82b8481-2232-455f-9193-26fa570063ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34197", "type": "seen", "source": "https://bsky.app/profile/cesnet-certs.mastodonczech.cz.ap.brid.gy/post/3mkqjxoulnhd2", "content": "[[TLP:CLEAR] Apache ActiveMQ opravuje 4 zranitelnosti]\n\nApache Software Foundation verzemi 5.19.5 a 6.2.4 opravuje 4 zranitelnosti v produktech Apache ActiveMQ (Classic, All, Broker, Client, MQTT) \u2b07\ufe0f. Nejz\u00e1va\u017en\u011bj\u0161\u00ed z nich jsou pops\u00e1ny n\u00ed\u017ee, p\u0159i\u010dem\u017e zranitelnost CVE-2026-34197 je ji\u017e aktivn\u011b [\u2026]", "creation_timestamp": "2026-04-30T21:16:52.035083Z"} https://vulnerability.circl.lu/sighting/a82b8481-2232-455f-9193-26fa570063ee/export Thu, 30 Apr 2026 21:16:52 +0000 https://vulnerability.circl.lu/sighting/9669a9b3-ba9d-490e-a48a-47df7c9376d4/export {"uuid": "9669a9b3-ba9d-490e-a48a-47df7c9376d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34197", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3mkqop7wvun2g", "content": "Apache ActiveMQ's Jolokia bug (CVE-2026-34197) hits the federal patch deadline today. Horizon3.ai traced the root cause back thirteen years. Shadowserver scanned 6,364 exposed instances April 19. The management API is always exposed wider than the threat model says.\n\n#InfoSec #OpenSource", "creation_timestamp": "2026-04-30T22:41:31.050023Z"} {"uuid": "9669a9b3-ba9d-490e-a48a-47df7c9376d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34197", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3mkqop7wvun2g", "content": "Apache ActiveMQ's Jolokia bug (CVE-2026-34197) hits the federal patch deadline today. Horizon3.ai traced the root cause back thirteen years. Shadowserver scanned 6,364 exposed instances April 19. The management API is always exposed wider than the threat model says.\n\n#InfoSec #OpenSource", "creation_timestamp": "2026-04-30T22:41:31.050023Z"} https://vulnerability.circl.lu/sighting/9669a9b3-ba9d-490e-a48a-47df7c9376d4/export Thu, 30 Apr 2026 22:41:31 +0000 https://vulnerability.circl.lu/sighting/7a14bbf9-2993-4cec-8622-0af1957b2d00/export {"uuid": "7a14bbf9-2993-4cec-8622-0af1957b2d00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34197", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-05-02)", "content": "", "creation_timestamp": "2026-05-02T00:00:00.000000Z"} {"uuid": "7a14bbf9-2993-4cec-8622-0af1957b2d00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34197", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-05-02)", "content": "", "creation_timestamp": "2026-05-02T00:00:00.000000Z"} https://vulnerability.circl.lu/sighting/7a14bbf9-2993-4cec-8622-0af1957b2d00/export Sat, 02 May 2026 00:00:00 +0000 https://vulnerability.circl.lu/sighting/cc220784-dd5d-4efb-b1b8-d81e946e9dca/export {"uuid": "cc220784-dd5d-4efb-b1b8-d81e946e9dca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34197", "type": "seen", "source": "https://gist.github.com/schonbrennervertex/91ff31dfc9d8329e67faf7b023039fd4", "content": "", "creation_timestamp": "2026-05-05T01:45:35.000000Z"} {"uuid": "cc220784-dd5d-4efb-b1b8-d81e946e9dca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34197", "type": "seen", "source": "https://gist.github.com/schonbrennervertex/91ff31dfc9d8329e67faf7b023039fd4", "content": "", "creation_timestamp": "2026-05-05T01:45:35.000000Z"} https://vulnerability.circl.lu/sighting/cc220784-dd5d-4efb-b1b8-d81e946e9dca/export Tue, 05 May 2026 01:45:35 +0000 https://vulnerability.circl.lu/sighting/b9d2abd6-75f4-4cef-a37c-6b7b7a06fa6d/export {"uuid": "b9d2abd6-75f4-4cef-a37c-6b7b7a06fa6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34197", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-17)", "content": "", "creation_timestamp": "2026-05-17T00:00:00.000000Z"} {"uuid": "b9d2abd6-75f4-4cef-a37c-6b7b7a06fa6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34197", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-17)", "content": "", "creation_timestamp": "2026-05-17T00:00:00.000000Z"} https://vulnerability.circl.lu/sighting/b9d2abd6-75f4-4cef-a37c-6b7b7a06fa6d/export Sun, 17 May 2026 00:00:00 +0000 https://vulnerability.circl.lu/sighting/af2c7c71-630b-4b0f-bb23-1d902a7d9017/export {"uuid": "af2c7c71-630b-4b0f-bb23-1d902a7d9017", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34197", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-18)", "content": "", "creation_timestamp": "2026-05-18T00:00:00.000000Z"} {"uuid": "af2c7c71-630b-4b0f-bb23-1d902a7d9017", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34197", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-18)", "content": "", "creation_timestamp": "2026-05-18T00:00:00.000000Z"} https://vulnerability.circl.lu/sighting/af2c7c71-630b-4b0f-bb23-1d902a7d9017/export Mon, 18 May 2026 00:00:00 +0000 https://vulnerability.circl.lu/sighting/acf5fdee-19d3-46f5-b03c-c1a180cd058d/export {"uuid": "acf5fdee-19d3-46f5-b03c-c1a180cd058d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34197", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-28)", "content": "", "creation_timestamp": "2026-05-28T00:00:00.000000Z"} {"uuid": "acf5fdee-19d3-46f5-b03c-c1a180cd058d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34197", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-28)", "content": "", "creation_timestamp": "2026-05-28T00:00:00.000000Z"} https://vulnerability.circl.lu/sighting/acf5fdee-19d3-46f5-b03c-c1a180cd058d/export Thu, 28 May 2026 00:00:00 +0000 https://vulnerability.circl.lu/sighting/6532deea-823a-4048-b46a-21000572c508/export {"uuid": "6532deea-823a-4048-b46a-21000572c508", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34197", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-29)", "content": "", "creation_timestamp": "2026-05-29T00:00:00.000000Z"} {"uuid": "6532deea-823a-4048-b46a-21000572c508", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34197", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-29)", "content": "", "creation_timestamp": "2026-05-29T00:00:00.000000Z"} https://vulnerability.circl.lu/sighting/6532deea-823a-4048-b46a-21000572c508/export Fri, 29 May 2026 00:00:00 +0000 https://vulnerability.circl.lu/sighting/8ebd5ace-feca-4899-be14-df89f1ce2f55/export {"uuid": "8ebd5ace-feca-4899-be14-df89f1ce2f55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34197", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/apache_activemq_jolokia_rce.rb", "content": "{\"aliases\": [], \"arch\": \"cmd\", \"author\": [\"dinosn\", \"h00die\"], \"autofilter_ports\": [80, 8080, 443, 8000, 8888, 8880, 8008, 3000, 8443], \"autofilter_services\": [\"http\", \"https\"], \"check\": true, \"default_credential\": false, \"description\": \"Apache ActiveMQ exposes a Jolokia JMX-over-HTTP API at /api/jolokia/.\\n An authenticated attacker can invoke the addNetworkConnector() MBean\\n operation with a crafted URI that causes the broker to fetch a remote\\n Spring XML configuration over HTTP. The Spring XML instantiates a\\n ProcessBuilder bean that executes attacker-supplied OS commands.\\n\\n Default credentials (admin:admin) are accepted by many installations.\\n\\n Verified on docker image\", \"disclosure_date\": \"2026-04-29\", \"fullname\": \"exploit/multi/http/apache_activemq_jolokia_rce\", \"is_install_path\": true, \"mod_time\": \"2026-05-28 12:56:10 +0000\", \"name\": \"Apache ActiveMQ RCE via Jolokia addNetworkConnector\", \"needs_cleanup\": null, \"notes\": {\"Reliability\": [\"repeatable-session\"], \"SideEffects\": [\"ioc-in-logs\"], \"Stability\": [\"crash-safe\"]}, \"path\": \"/modules/exploits/multi/http/apache_activemq_jolokia_rce.rb\", \"platform\": \"Linux,Unix,Windows\", \"post_auth\": true, \"rank\": 600, \"ref_name\": \"multi/http/apache_activemq_jolokia_rce\", \"references\": [\"CVE-2026-34197\", \"URL-https://github.com/dinosn/CVE-2026-34197\", \"URL-https://horizon3.ai/attack-research/disclosures/cve-2026-34197-activemq-rce-jolokia/\"], \"rport\": 8161, \"session_types\": false, \"targets\": [\"Windows\", \"Linux\", \"Unix\"], \"type\": \"exploit\"}", "creation_timestamp": "2026-05-29T08:03:47.000000Z"} {"uuid": "8ebd5ace-feca-4899-be14-df89f1ce2f55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34197", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/apache_activemq_jolokia_rce.rb", "content": "{\"aliases\": [], \"arch\": \"cmd\", \"author\": [\"dinosn\", \"h00die\"], \"autofilter_ports\": [80, 8080, 443, 8000, 8888, 8880, 8008, 3000, 8443], \"autofilter_services\": [\"http\", \"https\"], \"check\": true, \"default_credential\": false, \"description\": \"Apache ActiveMQ exposes a Jolokia JMX-over-HTTP API at /api/jolokia/.\\n An authenticated attacker can invoke the addNetworkConnector() MBean\\n operation with a crafted URI that causes the broker to fetch a remote\\n Spring XML configuration over HTTP. The Spring XML instantiates a\\n ProcessBuilder bean that executes attacker-supplied OS commands.\\n\\n Default credentials (admin:admin) are accepted by many installations.\\n\\n Verified on docker image\", \"disclosure_date\": \"2026-04-29\", \"fullname\": \"exploit/multi/http/apache_activemq_jolokia_rce\", \"is_install_path\": true, \"mod_time\": \"2026-05-28 12:56:10 +0000\", \"name\": \"Apache ActiveMQ RCE via Jolokia addNetworkConnector\", \"needs_cleanup\": null, \"notes\": {\"Reliability\": [\"repeatable-session\"], \"SideEffects\": [\"ioc-in-logs\"], \"Stability\": [\"crash-safe\"]}, \"path\": \"/modules/exploits/multi/http/apache_activemq_jolokia_rce.rb\", \"platform\": \"Linux,Unix,Windows\", \"post_auth\": true, \"rank\": 600, \"ref_name\": \"multi/http/apache_activemq_jolokia_rce\", \"references\": [\"CVE-2026-34197\", \"URL-https://github.com/dinosn/CVE-2026-34197\", \"URL-https://horizon3.ai/attack-research/disclosures/cve-2026-34197-activemq-rce-jolokia/\"], \"rport\": 8161, \"session_types\": false, \"targets\": [\"Windows\", \"Linux\", \"Unix\"], \"type\": \"exploit\"}", "creation_timestamp": "2026-05-29T08:03:47.000000Z"} https://vulnerability.circl.lu/sighting/8ebd5ace-feca-4899-be14-df89f1ce2f55/export Fri, 29 May 2026 08:03:47 +0000