https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 10 Jun 2026 06:51:43 +0000 https://vulnerability.circl.lu/sighting/e0c4d3dc-4a18-449a-bd56-23d37fecc4f2/export {"uuid": "e0c4d3dc-4a18-449a-bd56-23d37fecc4f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46402", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmumods67b2r", "content": "CVE-2026-46402 - Microsoft UFO uses untrusted task_name in log paths, allowing authenticated path traversal and log file creation outside the logs directory\nCVE ID : CVE-2026-46402\n \n Published : May 27, 2026, 9:54 p.m. | 38\u00a0minutes ago\n \n Description : Microsoft UFO open-sour...", "creation_timestamp": "2026-05-27T23:06:16.309837Z"} {"uuid": "e0c4d3dc-4a18-449a-bd56-23d37fecc4f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46402", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmumods67b2r", "content": "CVE-2026-46402 - Microsoft UFO uses untrusted task_name in log paths, allowing authenticated path traversal and log file creation outside the logs directory\nCVE ID : CVE-2026-46402\n \n Published : May 27, 2026, 9:54 p.m. | 38\u00a0minutes ago\n \n Description : Microsoft UFO open-sour...", "creation_timestamp": "2026-05-27T23:06:16.309837Z"} https://vulnerability.circl.lu/sighting/e0c4d3dc-4a18-449a-bd56-23d37fecc4f2/export Wed, 27 May 2026 23:06:16 +0000 https://vulnerability.circl.lu/sighting/7e89e59f-b716-4139-8fdb-93a66c92e173/export {"uuid": "7e89e59f-b716-4139-8fdb-93a66c92e173", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46402", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mmuyanmsf327", "content": "Microsoft UFO 3.0.1-4-ge2626659\u3067\u306f\u3001\u8a8d\u8a3c\u6e08\u307f\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u304ctask_name\u306b\u30d1\u30b9\u30fb\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u30fb\u30b7\u30fc\u30b1\u30f3\u30b9\u3092\u4ed5\u8fbc\u307f\u3001\u610f\u56f3\u3057\u306a\u3044\u5834\u6240\u3078\u306e\u30ed\u30b0\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u30fb\u30d5\u30a1\u30a4\u30eb\u4f5c\u6210\u2026\nCVE-2026-46402 CVSS 8.1 | HIGH", "creation_timestamp": "2026-05-28T02:33:22.415960Z"} {"uuid": "7e89e59f-b716-4139-8fdb-93a66c92e173", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46402", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mmuyanmsf327", "content": "Microsoft UFO 3.0.1-4-ge2626659\u3067\u306f\u3001\u8a8d\u8a3c\u6e08\u307f\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u304ctask_name\u306b\u30d1\u30b9\u30fb\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u30fb\u30b7\u30fc\u30b1\u30f3\u30b9\u3092\u4ed5\u8fbc\u307f\u3001\u610f\u56f3\u3057\u306a\u3044\u5834\u6240\u3078\u306e\u30ed\u30b0\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u30fb\u30d5\u30a1\u30a4\u30eb\u4f5c\u6210\u2026\nCVE-2026-46402 CVSS 8.1 | HIGH", "creation_timestamp": "2026-05-28T02:33:22.415960Z"} https://vulnerability.circl.lu/sighting/7e89e59f-b716-4139-8fdb-93a66c92e173/export Thu, 28 May 2026 02:33:22 +0000 https://vulnerability.circl.lu/sighting/d20c1810-af2c-44f4-9e49-8ddf69abf79c/export {"uuid": "d20c1810-af2c-44f4-9e49-8ddf69abf79c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46402", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116650673866596517", "content": "\u26a0\ufe0f HIGH severity: Microsoft UFO 3.0.1-4-ge2626659 has a path traversal vuln (CVE-2026-46402). Authenticated users can write files outside logs/. No patch yet \u2014 restrict access & monitor input. https://radar.offseq.com/threat/cve-2026-46402-cwe-22-improper-limitation-of-a-pat-6437f7ab #OffSeq #Microsoft #PathTraversal #CVE202646402", "creation_timestamp": "2026-05-28T06:00:29.290083Z"} {"uuid": "d20c1810-af2c-44f4-9e49-8ddf69abf79c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46402", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116650673866596517", "content": "\u26a0\ufe0f HIGH severity: Microsoft UFO 3.0.1-4-ge2626659 has a path traversal vuln (CVE-2026-46402). Authenticated users can write files outside logs/. No patch yet \u2014 restrict access & monitor input. https://radar.offseq.com/threat/cve-2026-46402-cwe-22-improper-limitation-of-a-pat-6437f7ab #OffSeq #Microsoft #PathTraversal #CVE202646402", "creation_timestamp": "2026-05-28T06:00:29.290083Z"} https://vulnerability.circl.lu/sighting/d20c1810-af2c-44f4-9e49-8ddf69abf79c/export Thu, 28 May 2026 06:00:29 +0000 https://vulnerability.circl.lu/sighting/42eab82b-0471-4295-8f67-e16f039aa432/export {"uuid": "42eab82b-0471-4295-8f67-e16f039aa432", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46402", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mmvdsz2lzi2p", "content": "Microsoft UFO 3.0.1-4-ge2626659: HIGH severity path traversal lets authenticated users create files beyond logs/. No patch \u2014 restrict access & monitor inputs. https://radar.offseq.com/threat/cve-2026-46402-cwe-22-improper-limitation-of-a-pat-6437f7ab #OffSeq #Microsoft #Vulnerability", "creation_timestamp": "2026-05-28T06:00:30.480810Z"} {"uuid": "42eab82b-0471-4295-8f67-e16f039aa432", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46402", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mmvdsz2lzi2p", "content": "Microsoft UFO 3.0.1-4-ge2626659: HIGH severity path traversal lets authenticated users create files beyond logs/. No patch \u2014 restrict access & monitor inputs. https://radar.offseq.com/threat/cve-2026-46402-cwe-22-improper-limitation-of-a-pat-6437f7ab #OffSeq #Microsoft #Vulnerability", "creation_timestamp": "2026-05-28T06:00:30.480810Z"} https://vulnerability.circl.lu/sighting/42eab82b-0471-4295-8f67-e16f039aa432/export Thu, 28 May 2026 06:00:30 +0000