<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the 10 most recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Wed, 01 Jul 2026 15:11:54 +0000</lastBuildDate>
    <item>
      <title>8c549731-dac5-464b-aba7-45ad62c9bd35</title>
      <link>https://vulnerability.circl.lu/sighting/8c549731-dac5-464b-aba7-45ad62c9bd35/export</link>
      <description>{"uuid": "8c549731-dac5-464b-aba7-45ad62c9bd35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-51926", "type": "seen", "source": "https://gist.github.com/ZeroBreach-GmbH/50b019f73861d09a85ddaa8f0f239511", "content": "##### Description\n\nA vulnerability was identified in the authentication mechanism that allows user enumeration through the login interface. An attacker can differentiate between valid and invalid usernames based on variations in server responses. This information can be leveraged to identify existing accounts and facilitate further attacks, including brute-force or credential stuffing.\n\n##### Details\n\n*   **Product:** docuForm FSM Server\n*   **Affected Versions:** 11.11c\n*   **Vulnerability Type:** CWE-204: Observable Response Discrepancy\n*   **Risk Level:** Medium - CVSS 3.1: 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n*   **Vendor URL:** www.docuform.de\n*   **CVE:** CVE-2026-51926\n\n##### Impact\n\nAn attacker can exploit this vulnerability to enumerate valid usernames through the login interface by observing differences in error messages for valid versus invalid usernames. 
This information disclosure can be used to compile a list of active accounts, which may facilitate targeted brute\u2011force, credential\u2011stuffing or social\u2011engineering attacks against identified users.\n\n##### References\n\n*   [National Vulnerability Database CVE-2026-51926](https://nvd.nist.gov/vuln/detail/CVE-2026-51926)\n*   [ZeroBreach GmbH - CVE-2026-51926](https://zerobreach.de/blog/security-advisories/CVE-2026-51926.html)\n\n##### Timeline\n\n*   **2025-10:** Vulnerability reported to the vendor.\n*   **2025-11:** Vendor published a fix for the issue.\n*   **2026-06:** Information about the vulnerability is published.\n\n##### Credits\n\n*   Bastian Recktenwald ([Bastian.Recktenwald@ZeroBreach.de](mailto:Bastian.Recktenwald@ZeroBreach.de))", "creation_timestamp": "2026-07-01T08:31:20.588803Z"}</description>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/8c549731-dac5-464b-aba7-45ad62c9bd35/export</guid>
      <pubDate>Wed, 01 Jul 2026 08:31:20 +0000</pubDate>
    </item>
  </channel>
</rss>
