https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 23 Jun 2026 10:42:02 +0000 https://vulnerability.circl.lu/sighting/62d446e2-7f19-4400-ae80-cbee1a647cbd/export {"uuid": "62d446e2-7f19-4400-ae80-cbee1a647cbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5439", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mj3b2jklkn25", "content": "", "creation_timestamp": "2026-04-09T16:46:11.832035Z"} {"uuid": "62d446e2-7f19-4400-ae80-cbee1a647cbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5439", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mj3b2jklkn25", "content": "", "creation_timestamp": "2026-04-09T16:46:11.832035Z"} https://vulnerability.circl.lu/sighting/62d446e2-7f19-4400-ae80-cbee1a647cbd/export Thu, 09 Apr 2026 16:46:11 +0000 https://vulnerability.circl.lu/sighting/8910304f-8a86-4d50-ad1b-696df687e9e0/export {"uuid": "8910304f-8a86-4d50-ad1b-696df687e9e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5439", "type": "published-proof-of-concept", "source": "Telegram/_P20Htht508gPcGtfhYsw3BkHMYZAVXCzBRlMvbh3o3mGtY", "content": "", "creation_timestamp": "2026-04-14T20:03:14.000000Z"} {"uuid": "8910304f-8a86-4d50-ad1b-696df687e9e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5439", "type": "published-proof-of-concept", "source": "Telegram/_P20Htht508gPcGtfhYsw3BkHMYZAVXCzBRlMvbh3o3mGtY", "content": "", "creation_timestamp": "2026-04-14T20:03:14.000000Z"} https://vulnerability.circl.lu/sighting/8910304f-8a86-4d50-ad1b-696df687e9e0/export Tue, 14 Apr 2026 20:03:14 +0000 https://vulnerability.circl.lu/sighting/d2deab50-93e3-400f-be3c-18396ac58b93/export {"uuid": "d2deab50-93e3-400f-be3c-18396ac58b93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54398", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mo56n2nt6m2j", "content": "CVE-2026-54398 - MISP object edit authorization bypass allows unauthorized sharing group assignment\nCVE ID : CVE-2026-54398\n \n Published : June 12, 2026, 10:16 p.m. | 3\u00a0hours, 7\u00a0minutes ago\n \n Description : An authorization flaw in MISP\u2019s object add/edit handling allowed an au...", "creation_timestamp": "2026-06-13T02:14:17.167882Z"} {"uuid": "d2deab50-93e3-400f-be3c-18396ac58b93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54398", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mo56n2nt6m2j", "content": "CVE-2026-54398 - MISP object edit authorization bypass allows unauthorized sharing group assignment\nCVE ID : CVE-2026-54398\n \n Published : June 12, 2026, 10:16 p.m. | 3\u00a0hours, 7\u00a0minutes ago\n \n Description : An authorization flaw in MISP\u2019s object add/edit handling allowed an au...", "creation_timestamp": "2026-06-13T02:14:17.167882Z"} https://vulnerability.circl.lu/sighting/d2deab50-93e3-400f-be3c-18396ac58b93/export Sat, 13 Jun 2026 02:14:17 +0000 https://vulnerability.circl.lu/sighting/29a61683-cd36-4ea8-9c07-e180fb539fc1/export {"uuid": "29a61683-cd36-4ea8-9c07-e180fb539fc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-54390", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3molhj2cqpl2v", "content": "CVE-2026-54390: CRITICAL template injection in JTL Shop 5.2.0 \u2013 5.7.1 lets attackers access secrets & achieve RCE. No patch \u2014 restrict access & monitor for abuse. https://radar.offseq.com/threat/cve-2026-54390-improper-neutralization-of-special--56e42e7fa37d20ee #OffSeq #CVE202654390 #websecurity", "creation_timestamp": "2026-06-18T18:30:15.890123Z"} {"uuid": "29a61683-cd36-4ea8-9c07-e180fb539fc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-54390", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3molhj2cqpl2v", "content": "CVE-2026-54390: CRITICAL template injection in JTL Shop 5.2.0 \u2013 5.7.1 lets attackers access secrets & achieve RCE. No patch \u2014 restrict access & monitor for abuse. https://radar.offseq.com/threat/cve-2026-54390-improper-neutralization-of-special--56e42e7fa37d20ee #OffSeq #CVE202654390 #websecurity", "creation_timestamp": "2026-06-18T18:30:15.890123Z"} https://vulnerability.circl.lu/sighting/29a61683-cd36-4ea8-9c07-e180fb539fc1/export Thu, 18 Jun 2026 18:30:15 +0000 https://vulnerability.circl.lu/sighting/3beb0c21-6e0e-4f1d-94fe-0a72cdd71645/export {"uuid": "3beb0c21-6e0e-4f1d-94fe-0a72cdd71645", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-54390", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116772530635095713", "content": "CRITICAL: CVE-2026-54390 in JTL Shop (5.2.0 \u2013 5.7.1) enables unauthenticated template injection. Attackers can extract secrets; RCE possible in 5.4.0+. No patch yet \u2014 restrict access & monitor logs. https://radar.offseq.com/threat/cve-2026-54390-improper-neutralization-of-special--56e42e7fa37d20ee #OffSeq #CVE202654390 #infosec #websecurity", "creation_timestamp": "2026-06-18T18:30:17.105039Z"} {"uuid": "3beb0c21-6e0e-4f1d-94fe-0a72cdd71645", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-54390", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116772530635095713", "content": "CRITICAL: CVE-2026-54390 in JTL Shop (5.2.0 \u2013 5.7.1) enables unauthenticated template injection. Attackers can extract secrets; RCE possible in 5.4.0+. No patch yet \u2014 restrict access & monitor logs. https://radar.offseq.com/threat/cve-2026-54390-improper-neutralization-of-special--56e42e7fa37d20ee #OffSeq #CVE202654390 #infosec #websecurity", "creation_timestamp": "2026-06-18T18:30:17.105039Z"} https://vulnerability.circl.lu/sighting/3beb0c21-6e0e-4f1d-94fe-0a72cdd71645/export Thu, 18 Jun 2026 18:30:17 +0000 https://vulnerability.circl.lu/sighting/81de25ff-d0d3-49fc-ad55-e6f7401ff04a/export {"uuid": "81de25ff-d0d3-49fc-ad55-e6f7401ff04a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54390", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3molrr3wyz52f", "content": "CVE-2026-54390 - JTL Shop\nCVE ID : CVE-2026-54390\n \n Published : June 18, 2026, 5:33 p.m. | 3\u00a0hours, 35\u00a0minutes ago\n \n Description : JTL Shop versions 5.2.0 through 5.7.1 contains a server-side template injection vulnerability that allows unauthenticated attackers to inject ma...", "creation_timestamp": "2026-06-18T21:33:43.085836Z"} {"uuid": "81de25ff-d0d3-49fc-ad55-e6f7401ff04a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54390", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3molrr3wyz52f", "content": "CVE-2026-54390 - JTL Shop\nCVE ID : CVE-2026-54390\n \n Published : June 18, 2026, 5:33 p.m. | 3\u00a0hours, 35\u00a0minutes ago\n \n Description : JTL Shop versions 5.2.0 through 5.7.1 contains a server-side template injection vulnerability that allows unauthenticated attackers to inject ma...", "creation_timestamp": "2026-06-18T21:33:43.085836Z"} https://vulnerability.circl.lu/sighting/81de25ff-d0d3-49fc-ad55-e6f7401ff04a/export Thu, 18 Jun 2026 21:33:43 +0000 https://vulnerability.circl.lu/sighting/e55413bd-c550-432b-8c13-92a0211393f6/export {"uuid": "e55413bd-c550-432b-8c13-92a0211393f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54390", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motnkhesiv2m", "content": "\ud83d\udea8 ALERT: CVE-2026-54390\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nJTL Shop versions 5.2.0 through 5.7.1 contains a server-side template injection vulnerability that allows unauthenticated attackers to inject malicious template syntax due to unsanitized user-supplied input passed to the Smarty template engine. At", "creation_timestamp": "2026-06-22T00:39:42.945026Z"} {"uuid": "e55413bd-c550-432b-8c13-92a0211393f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54390", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motnkhesiv2m", "content": "\ud83d\udea8 ALERT: CVE-2026-54390\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nJTL Shop versions 5.2.0 through 5.7.1 contains a server-side template injection vulnerability that allows unauthenticated attackers to inject malicious template syntax due to unsanitized user-supplied input passed to the Smarty template engine. At", "creation_timestamp": "2026-06-22T00:39:42.945026Z"} https://vulnerability.circl.lu/sighting/e55413bd-c550-432b-8c13-92a0211393f6/export Mon, 22 Jun 2026 00:39:42 +0000