<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the 10 most recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Fri, 03 Jul 2026 11:07:38 +0000</lastBuildDate>
    <item>
      <title>ac3d8681-3063-4a49-a72f-f0d6c5ff1118</title>
      <link>https://vulnerability.circl.lu/sighting/ac3d8681-3063-4a49-a72f-f0d6c5ff1118/export</link>
      <description>{"uuid": "ac3d8681-3063-4a49-a72f-f0d6c5ff1118", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4767", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mppnxov22g2i", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-4767 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 TR7 Cyber Defense: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/193DCDDE-A123-46DF-B380-58836ACD9C9A", "creation_timestamp": "2026-07-03T04:01:39.895076Z"}</description>
      <content:encoded>{"uuid": "ac3d8681-3063-4a49-a72f-f0d6c5ff1118", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4767", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mppnxov22g2i", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-4767 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 TR7 Cyber Defense: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/193DCDDE-A123-46DF-B380-58836ACD9C9A", "creation_timestamp": "2026-07-03T04:01:39.895076Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ac3d8681-3063-4a49-a72f-f0d6c5ff1118/export</guid>
      <pubDate>Fri, 03 Jul 2026 04:01:39 +0000</pubDate>
    </item>
    <item>
      <title>3076a30f-e86e-4ed3-a51e-9ad35b47e3f1</title>
      <link>https://vulnerability.circl.lu/sighting/3076a30f-e86e-4ed3-a51e-9ad35b47e3f1/export</link>
      <description>{"uuid": "3076a30f-e86e-4ed3-a51e-9ad35b47e3f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4767", "type": "seen", "source": "https://bsky.app/profile/malwareobserver.bsky.social/post/3mpofn66j252j", "content": "\ud83d\udc1b VULNERABILITIES CVE Notify: \ud83d\udea8 [CVE-2026-4767](https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0487)\nMissing auth...\nhttps://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0487 #Vulnerability #CVE #ZeroDay", "creation_timestamp": "2026-07-02T15:59:57.246063Z"}</description>
      <content:encoded>{"uuid": "3076a30f-e86e-4ed3-a51e-9ad35b47e3f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4767", "type": "seen", "source": "https://bsky.app/profile/malwareobserver.bsky.social/post/3mpofn66j252j", "content": "\ud83d\udc1b VULNERABILITIES CVE Notify: \ud83d\udea8 [CVE-2026-4767](https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0487)\nMissing auth...\nhttps://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0487 #Vulnerability #CVE #ZeroDay", "creation_timestamp": "2026-07-02T15:59:57.246063Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3076a30f-e86e-4ed3-a51e-9ad35b47e3f1/export</guid>
      <pubDate>Thu, 02 Jul 2026 15:59:57 +0000</pubDate>
    </item>
    <item>
      <title>38d632b0-1d12-46e3-9bc1-862be9ffa82a</title>
      <link>https://vulnerability.circl.lu/sighting/38d632b0-1d12-46e3-9bc1-862be9ffa82a/export</link>
      <description>{"uuid": "38d632b0-1d12-46e3-9bc1-862be9ffa82a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4767", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpoe2bhq6y2a", "content": "CVE-2026-4767 - Improper Access Control in TR7's WAF-ASP\nCVE ID : CVE-2026-4767\n \n Published : July 2, 2026, 1:12 p.m. | 2\u00a0hours ago\n \n Description : Missing authentication for critical function vulnerability in TR7 Cyber \u200b\u200bDefense Inc. WAF-ASP allows Authentication Abuse.\n\nTh...", "creation_timestamp": "2026-07-02T15:31:29.483158Z"}</description>
      <content:encoded>{"uuid": "38d632b0-1d12-46e3-9bc1-862be9ffa82a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4767", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpoe2bhq6y2a", "content": "CVE-2026-4767 - Improper Access Control in TR7's WAF-ASP\nCVE ID : CVE-2026-4767\n \n Published : July 2, 2026, 1:12 p.m. | 2\u00a0hours ago\n \n Description : Missing authentication for critical function vulnerability in TR7 Cyber \u200b\u200bDefense Inc. WAF-ASP allows Authentication Abuse.\n\nTh...", "creation_timestamp": "2026-07-02T15:31:29.483158Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/38d632b0-1d12-46e3-9bc1-862be9ffa82a/export</guid>
      <pubDate>Thu, 02 Jul 2026 15:31:29 +0000</pubDate>
    </item>
    <item>
      <title>e4ca4499-1dd8-4b3f-b9cb-4bbbfba6cf7d</title>
      <link>https://vulnerability.circl.lu/sighting/e4ca4499-1dd8-4b3f-b9cb-4bbbfba6cf7d/export</link>
      <description>{"uuid": "e4ca4499-1dd8-4b3f-b9cb-4bbbfba6cf7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47670", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-47670.yaml", "content": "", "creation_timestamp": "2026-06-15T06:58:24.000000Z"}</description>
      <content:encoded>{"uuid": "e4ca4499-1dd8-4b3f-b9cb-4bbbfba6cf7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47670", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-47670.yaml", "content": "", "creation_timestamp": "2026-06-15T06:58:24.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e4ca4499-1dd8-4b3f-b9cb-4bbbfba6cf7d/export</guid>
      <pubDate>Mon, 15 Jun 2026 06:58:24 +0000</pubDate>
    </item>
    <item>
      <title>aa1a1ec5-992a-40b6-b4d0-ee5ad1945818</title>
      <link>https://vulnerability.circl.lu/sighting/aa1a1ec5-992a-40b6-b4d0-ee5ad1945818/export</link>
      <description>{"uuid": "aa1a1ec5-992a-40b6-b4d0-ee5ad1945818", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47676", "type": "seen", "source": "https://gist.github.com/alon710/9a85ace33b5f15b6d07a68897c3ce675", "content": "# CVE-2026-47676: CVE-2026-47676: Inconsistent Path Parsing and Slicing in Hono Framework Sub-Application Mounting\n\n&amp;gt; **CVSS Score:** 5.3\n&amp;gt; **Published:** 2026-06-04\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-47676\n\n## Summary\nA path parsing and normalization inconsistency vulnerability exists in the Hono web framework prior to version 4.12.21. When hosting sub-applications via the app.mount() routing interface, Hono calculates the routing path prefix length on a percent-decoded representation of the URI but executes the path-slicing offset on the raw, percent-encoded string. This discrepancy results in malformed request paths being dispatched to mounted sub-applications, potentially leading to route bypasses, route confusion, and application-level Denial of Service.\n\n## TL;DR\nAn inconsistency between decoded prefix matching and raw path-slicing in Hono's app.mount() causes malformed path propagation and routing failures when processing percent-encoded multi-byte URI characters.\n\n## Technical Details\n\n- **CWE ID**: CWE-444 (Inconsistent Interpretation of HTTP Requests)\n- **Attack Vector**: Network (AV:N)\n- **CVSS Severity**: 5.3 Medium\n- **Exploit Status**: Proof of Concept available in test suites\n- **KEV Status**: Not listed\n- **Ransomware Use**: No known usage\n\n## Affected Systems\n\n- Hono framework web applications running on Node.js, Bun, Deno, or Cloudflare Workers\n- **hono**: &amp;lt; 4.12.21 (Fixed in: `4.12.21`)\n\n## Mitigation\n\n- Upgrade Hono dependencies to version 4.12.21 or higher\n- Ensure all mount prefixes are defined strictly using Unicode literals rather than 
percent-encoded strings\n- Implement a global catch-all exception handler to catch unhandled URIErrors resulting from malformed HTTP paths\n\n**Remediation Steps:**\n1. Identify all projects utilizing Hono by running 'npm ls hono' or equivalent package manager commands\n2. Update the project package.json to require 'hono': '^4.12.21' or higher\n3. Execute the package manager install command to apply the update ('npm install' or 'pnpm install')\n4. Review codebase usage of 'app.mount' to ensure prefixes do not contain hardcoded percent-encoded characters\n5. Re-deploy the application to production and run regression tests containing non-ASCII route characters\n\n## References\n\n- [Hono Security Advisory GHSA-2gcr-mfcq-wcc3](https://github.com/honojs/hono/security/advisories/GHSA-2gcr-mfcq-wcc3)\n- [Fix Commit 6cbb025](https://github.com/honojs/hono/commit/6cbb025ff87fca1a3d00d0ccca0eaf3a6385c3f1)\n- [CVE-2026-47676 Record](https://www.cve.org/CVERecord?id=CVE-2026-47676)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-47676) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-04T18:41:16.000000Z"}</description>
      <content:encoded>{"uuid": "aa1a1ec5-992a-40b6-b4d0-ee5ad1945818", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47676", "type": "seen", "source": "https://gist.github.com/alon710/9a85ace33b5f15b6d07a68897c3ce675", "content": "# CVE-2026-47676: CVE-2026-47676: Inconsistent Path Parsing and Slicing in Hono Framework Sub-Application Mounting\n\n&amp;gt; **CVSS Score:** 5.3\n&amp;gt; **Published:** 2026-06-04\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-47676\n\n## Summary\nA path parsing and normalization inconsistency vulnerability exists in the Hono web framework prior to version 4.12.21. When hosting sub-applications via the app.mount() routing interface, Hono calculates the routing path prefix length on a percent-decoded representation of the URI but executes the path-slicing offset on the raw, percent-encoded string. This discrepancy results in malformed request paths being dispatched to mounted sub-applications, potentially leading to route bypasses, route confusion, and application-level Denial of Service.\n\n## TL;DR\nAn inconsistency between decoded prefix matching and raw path-slicing in Hono's app.mount() causes malformed path propagation and routing failures when processing percent-encoded multi-byte URI characters.\n\n## Technical Details\n\n- **CWE ID**: CWE-444 (Inconsistent Interpretation of HTTP Requests)\n- **Attack Vector**: Network (AV:N)\n- **CVSS Severity**: 5.3 Medium\n- **Exploit Status**: Proof of Concept available in test suites\n- **KEV Status**: Not listed\n- **Ransomware Use**: No known usage\n\n## Affected Systems\n\n- Hono framework web applications running on Node.js, Bun, Deno, or Cloudflare Workers\n- **hono**: &amp;lt; 4.12.21 (Fixed in: `4.12.21`)\n\n## Mitigation\n\n- Upgrade Hono dependencies to version 4.12.21 or higher\n- Ensure all mount prefixes are defined strictly using Unicode literals rather 
than percent-encoded strings\n- Implement a global catch-all exception handler to catch unhandled URIErrors resulting from malformed HTTP paths\n\n**Remediation Steps:**\n1. Identify all projects utilizing Hono by running 'npm ls hono' or equivalent package manager commands\n2. Update the project package.json to require 'hono': '^4.12.21' or higher\n3. Execute the package manager install command to apply the update ('npm install' or 'pnpm install')\n4. Review codebase usage of 'app.mount' to ensure prefixes do not contain hardcoded percent-encoded characters\n5. Re-deploy the application to production and run regression tests containing non-ASCII route characters\n\n## References\n\n- [Hono Security Advisory GHSA-2gcr-mfcq-wcc3](https://github.com/honojs/hono/security/advisories/GHSA-2gcr-mfcq-wcc3)\n- [Fix Commit 6cbb025](https://github.com/honojs/hono/commit/6cbb025ff87fca1a3d00d0ccca0eaf3a6385c3f1)\n- [CVE-2026-47676 Record](https://www.cve.org/CVERecord?id=CVE-2026-47676)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-47676) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-04T18:41:16.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/aa1a1ec5-992a-40b6-b4d0-ee5ad1945818/export</guid>
      <pubDate>Thu, 04 Jun 2026 18:41:16 +0000</pubDate>
    </item>
    <item>
      <title>81ca0a65-a675-4386-897f-f3ead497839a</title>
      <link>https://vulnerability.circl.lu/sighting/81ca0a65-a675-4386-897f-f3ead497839a/export</link>
      <description>{"uuid": "81ca0a65-a675-4386-897f-f3ead497839a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-47670", "type": "published-proof-of-concept", "source": "https://github.com/dbgate/dbgate/security/advisories/GHSA-wm5r-5qp3-5vxf", "content": "", "creation_timestamp": "2026-05-20T09:31:12.000000Z"}</description>
      <content:encoded>{"uuid": "81ca0a65-a675-4386-897f-f3ead497839a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-47670", "type": "published-proof-of-concept", "source": "https://github.com/dbgate/dbgate/security/advisories/GHSA-wm5r-5qp3-5vxf", "content": "", "creation_timestamp": "2026-05-20T09:31:12.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/81ca0a65-a675-4386-897f-f3ead497839a/export</guid>
      <pubDate>Wed, 20 May 2026 09:31:12 +0000</pubDate>
    </item>
    <item>
      <title>87fe8521-3ee0-4f66-b2d7-fda7a4ad3e88</title>
      <link>https://vulnerability.circl.lu/sighting/87fe8521-3ee0-4f66-b2d7-fda7a4ad3e88/export</link>
      <description>{"uuid": "87fe8521-3ee0-4f66-b2d7-fda7a4ad3e88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-47671", "type": "published-proof-of-concept", "source": "https://github.com/nhost/nhost/security/advisories/GHSA-64cj-qvx5-m4f3", "content": "", "creation_timestamp": "2026-05-19T11:17:06.000000Z"}</description>
      <content:encoded>{"uuid": "87fe8521-3ee0-4f66-b2d7-fda7a4ad3e88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-47671", "type": "published-proof-of-concept", "source": "https://github.com/nhost/nhost/security/advisories/GHSA-64cj-qvx5-m4f3", "content": "", "creation_timestamp": "2026-05-19T11:17:06.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/87fe8521-3ee0-4f66-b2d7-fda7a4ad3e88/export</guid>
      <pubDate>Tue, 19 May 2026 11:17:06 +0000</pubDate>
    </item>
  </channel>
</rss>
