<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Tue, 14 Jul 2026 10:09:05 +0000</lastBuildDate>
    <item>
      <title>45ae3bda-1017-41e9-8f1d-93efb5737d2b</title>
      <link>https://vulnerability.circl.lu/sighting/45ae3bda-1017-41e9-8f1d-93efb5737d2b/export</link>
      <description>{"uuid": "45ae3bda-1017-41e9-8f1d-93efb5737d2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41041", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqlbpw4hwo2f", "content": "\ud83d\udccc CVE-2026-41041 - URL path injection via unencoded user-supplied identifiers vulnerability in Apache Gravitino.\n\nThis issue affects Apache Gravitino: from 1.0.0 before ... https://www.cyberhub.blog/cves/CVE-2026-41041", "creation_timestamp": "2026-07-14T03:37:07.030137Z"}</description>
      <content:encoded>{"uuid": "45ae3bda-1017-41e9-8f1d-93efb5737d2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41041", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqlbpw4hwo2f", "content": "\ud83d\udccc CVE-2026-41041 - URL path injection via unencoded user-supplied identifiers vulnerability in Apache Gravitino.\n\nThis issue affects Apache Gravitino: from 1.0.0 before ... https://www.cyberhub.blog/cves/CVE-2026-41041", "creation_timestamp": "2026-07-14T03:37:07.030137Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/45ae3bda-1017-41e9-8f1d-93efb5737d2b/export</guid>
      <pubDate>Tue, 14 Jul 2026 03:37:07 +0000</pubDate>
    </item>
    <item>
      <title>fc86f251-0761-4a6c-85b8-3fd8d5161db2</title>
      <link>https://vulnerability.circl.lu/sighting/fc86f251-0761-4a6c-85b8-3fd8d5161db2/export</link>
      <description>{"uuid": "fc86f251-0761-4a6c-85b8-3fd8d5161db2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41041", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqkzdjoiir2w", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-41041 \u0432 Apache: \u0443\u0433\u0440\u043e\u0437\u0430 URL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b\n\n\n\nhttps://kripta.biz/posts/645D99B0-7BBC-4833-BF58-A1849630DF4D", "creation_timestamp": "2026-07-14T01:07:01.254042Z"}</description>
      <content:encoded>{"uuid": "fc86f251-0761-4a6c-85b8-3fd8d5161db2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41041", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqkzdjoiir2w", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-41041 \u0432 Apache: \u0443\u0433\u0440\u043e\u0437\u0430 URL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b\n\n\n\nhttps://kripta.biz/posts/645D99B0-7BBC-4833-BF58-A1849630DF4D", "creation_timestamp": "2026-07-14T01:07:01.254042Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/fc86f251-0761-4a6c-85b8-3fd8d5161db2/export</guid>
      <pubDate>Tue, 14 Jul 2026 01:07:01 +0000</pubDate>
    </item>
    <item>
      <title>e35e002f-27e5-4a03-af0e-d5c74ddf2cf2</title>
      <link>https://vulnerability.circl.lu/sighting/e35e002f-27e5-4a03-af0e-d5c74ddf2cf2/export</link>
      <description>{"uuid": "e35e002f-27e5-4a03-af0e-d5c74ddf2cf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41041", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqkaefjajh24", "content": "CVE-2026-41041 - apache gravitino\nApache Gravitino's MCP REST client fails to properly encode user input in URLs, potentially allowing attackers to access sensitive data or API endpoints.\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#apachegravitino #apachefoundation #CVE #infosec", "creation_timestamp": "2026-07-13T17:40:06.874702Z"}</description>
      <content:encoded>{"uuid": "e35e002f-27e5-4a03-af0e-d5c74ddf2cf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41041", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqkaefjajh24", "content": "CVE-2026-41041 - apache gravitino\nApache Gravitino's MCP REST client fails to properly encode user input in URLs, potentially allowing attackers to access sensitive data or API endpoints.\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#apachegravitino #apachefoundation #CVE #infosec", "creation_timestamp": "2026-07-13T17:40:06.874702Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e35e002f-27e5-4a03-af0e-d5c74ddf2cf2/export</guid>
      <pubDate>Mon, 13 Jul 2026 17:40:06 +0000</pubDate>
    </item>
    <item>
      <title>8cddc32b-fae1-450c-bf7d-6a5dacc249f0</title>
      <link>https://vulnerability.circl.lu/sighting/8cddc32b-fae1-450c-bf7d-6a5dacc249f0/export</link>
      <description>{"uuid": "8cddc32b-fae1-450c-bf7d-6a5dacc249f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41041", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjvvulqhy2e", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-41041 \u0432 Apache: \u0443\u0433\u0440\u043e\u0437\u0430 URL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b\n\n\n\nhttps://kripta.biz/posts/B1084611-D2B9-4763-9D66-2B1AF7A0D054", "creation_timestamp": "2026-07-13T14:33:01.834703Z"}</description>
      <content:encoded>{"uuid": "8cddc32b-fae1-450c-bf7d-6a5dacc249f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41041", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjvvulqhy2e", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-41041 \u0432 Apache: \u0443\u0433\u0440\u043e\u0437\u0430 URL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b\n\n\n\nhttps://kripta.biz/posts/B1084611-D2B9-4763-9D66-2B1AF7A0D054", "creation_timestamp": "2026-07-13T14:33:01.834703Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/8cddc32b-fae1-450c-bf7d-6a5dacc249f0/export</guid>
      <pubDate>Mon, 13 Jul 2026 14:33:01 +0000</pubDate>
    </item>
    <item>
      <title>b1858760-2f04-435b-b5aa-b83f1ad1aae8</title>
      <link>https://vulnerability.circl.lu/sighting/b1858760-2f04-435b-b5aa-b83f1ad1aae8/export</link>
      <description>{"uuid": "b1858760-2f04-435b-b5aa-b83f1ad1aae8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41041", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mqito7op4j2u", "content": "CVE-2026-41041: Apache Gravitino: URL path injection via unencoded user-supplied identifiers in MCP REST client f-string URL construction, enabling path traversal to unintended API endpoints.", "creation_timestamp": "2026-07-13T04:20:18.084410Z"}</description>
      <content:encoded>{"uuid": "b1858760-2f04-435b-b5aa-b83f1ad1aae8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41041", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mqito7op4j2u", "content": "CVE-2026-41041: Apache Gravitino: URL path injection via unencoded user-supplied identifiers in MCP REST client f-string URL construction, enabling path traversal to unintended API endpoints.", "creation_timestamp": "2026-07-13T04:20:18.084410Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b1858760-2f04-435b-b5aa-b83f1ad1aae8/export</guid>
      <pubDate>Mon, 13 Jul 2026 04:20:18 +0000</pubDate>
    </item>
  </channel>
</rss>
