<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sat, 11 Jul 2026 01:28:04 +0000</lastBuildDate>
    <item>
      <title>d8a4ab19-c0a6-4b4c-94a8-0bff151baf53</title>
      <link>https://vulnerability.circl.lu/sighting/d8a4ab19-c0a6-4b4c-94a8-0bff151baf53/export</link>
      <description>{"uuid": "d8a4ab19-c0a6-4b4c-94a8-0bff151baf53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6961010", "content": "2026-07-10: [CVE-2026-56291] Balbooa Forms Unrestricted Upload of File with Dangerous Type VulnerabilityBalbooa Forms contains an unrestricted upload of file with dangerous type vulnerability that allows an unauthenticated arbitrary file upload which could allow uploading of executable files leading to full RCE.\ncisakev", "creation_timestamp": "2026-07-10T21:00:34.038500Z"}</description>
      <content:encoded>{"uuid": "d8a4ab19-c0a6-4b4c-94a8-0bff151baf53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6961010", "content": "2026-07-10: [CVE-2026-56291] Balbooa Forms Unrestricted Upload of File with Dangerous Type VulnerabilityBalbooa Forms contains an unrestricted upload of file with dangerous type vulnerability that allows an unauthenticated arbitrary file upload which could allow uploading of executable files leading to full RCE.\ncisakev", "creation_timestamp": "2026-07-10T21:00:34.038500Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d8a4ab19-c0a6-4b4c-94a8-0bff151baf53/export</guid>
      <pubDate>Fri, 10 Jul 2026 21:00:34 +0000</pubDate>
    </item>
    <item>
      <title>e9093ec0-6b07-499f-8210-ea42aaa0e23a</title>
      <link>https://vulnerability.circl.lu/sighting/e9093ec0-6b07-499f-8210-ea42aaa0e23a/export</link>
      <description>{"uuid": "e9093ec0-6b07-499f-8210-ea42aaa0e23a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mqcr4thq7p2j", "content": "\ud83d\uded1 CVE-2026-56291\nBalbooa Forms\nCVSS 10.0 / EPSS 0% / KEV \u2705\nTL;DR: The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arbitrary file upload t\u2026\nhttps://cvesentinel.com/report/CVE-2026-56291?utm_source=bluesky&amp;amp;utm_medium=social&amp;amp;utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-07-10T18:18:48.716003Z"}</description>
      <content:encoded>{"uuid": "e9093ec0-6b07-499f-8210-ea42aaa0e23a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mqcr4thq7p2j", "content": "\ud83d\uded1 CVE-2026-56291\nBalbooa Forms\nCVSS 10.0 / EPSS 0% / KEV \u2705\nTL;DR: The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arbitrary file upload t\u2026\nhttps://cvesentinel.com/report/CVE-2026-56291?utm_source=bluesky&amp;amp;utm_medium=social&amp;amp;utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-07-10T18:18:48.716003Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e9093ec0-6b07-499f-8210-ea42aaa0e23a/export</guid>
      <pubDate>Fri, 10 Jul 2026 18:18:48 +0000</pubDate>
    </item>
    <item>
      <title>432d1805-bc35-4faa-90ea-ad5d011cfcd9</title>
      <link>https://vulnerability.circl.lu/sighting/432d1805-bc35-4faa-90ea-ad5d011cfcd9/export</link>
      <description>{"uuid": "432d1805-bc35-4faa-90ea-ad5d011cfcd9", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/7f8175a4-d002-4926-ad93-9c4b5f79efc9", "content": "", "creation_timestamp": "2026-07-10T18:00:24.652822Z"}</description>
      <content:encoded>{"uuid": "432d1805-bc35-4faa-90ea-ad5d011cfcd9", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/7f8175a4-d002-4926-ad93-9c4b5f79efc9", "content": "", "creation_timestamp": "2026-07-10T18:00:24.652822Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/432d1805-bc35-4faa-90ea-ad5d011cfcd9/export</guid>
      <pubDate>Fri, 10 Jul 2026 18:00:24 +0000</pubDate>
    </item>
    <item>
      <title>92e2ef8f-d2e2-4918-bf2c-700fc0fc3b85</title>
      <link>https://vulnerability.circl.lu/sighting/92e2ef8f-d2e2-4918-bf2c-700fc0fc3b85/export</link>
      <description>{"uuid": "92e2ef8f-d2e2-4918-bf2c-700fc0fc3b85", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/2441e572-031d-4f21-a37b-f97ea742bf70", "content": "", "creation_timestamp": "2026-07-10T18:00:02.597504Z"}</description>
      <content:encoded>{"uuid": "92e2ef8f-d2e2-4918-bf2c-700fc0fc3b85", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/2441e572-031d-4f21-a37b-f97ea742bf70", "content": "", "creation_timestamp": "2026-07-10T18:00:02.597504Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/92e2ef8f-d2e2-4918-bf2c-700fc0fc3b85/export</guid>
      <pubDate>Fri, 10 Jul 2026 18:00:02 +0000</pubDate>
    </item>
    <item>
      <title>006e5266-04a2-4f05-8d60-22113691a7e5</title>
      <link>https://vulnerability.circl.lu/sighting/006e5266-04a2-4f05-8d60-22113691a7e5/export</link>
      <description>{"uuid": "006e5266-04a2-4f05-8d60-22113691a7e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116896829543133479", "content": "CISA has added two vulnerabilities to the KEV catalogue.\n-  CVE-2026-48939: iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-48939\n-  CVE-2026-56291: Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-56291 #CISA #infosec #vulnerability", "creation_timestamp": "2026-07-10T17:21:04.803099Z"}</description>
      <content:encoded>{"uuid": "006e5266-04a2-4f05-8d60-22113691a7e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116896829543133479", "content": "CISA has added two vulnerabilities to the KEV catalogue.\n-  CVE-2026-48939: iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-48939\n-  CVE-2026-56291: Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-56291 #CISA #infosec #vulnerability", "creation_timestamp": "2026-07-10T17:21:04.803099Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/006e5266-04a2-4f05-8d60-22113691a7e5/export</guid>
      <pubDate>Fri, 10 Jul 2026 17:21:04 +0000</pubDate>
    </item>
    <item>
      <title>3ce5e181-ab04-4604-94f8-bfa1df6b5e7a</title>
      <link>https://vulnerability.circl.lu/sighting/3ce5e181-ab04-4604-94f8-bfa1df6b5e7a/export</link>
      <description>{"uuid": "3ce5e181-ab04-4604-94f8-bfa1df6b5e7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq7lnwtosi2x", "content": "CVE-2026-56291 - Joomla Extension - balbooa.com - Unauthenticated file upload in Balbooa Forms extension\nCVE ID : CVE-2026-56291\n \n Published : July 9, 2026, 11:16 a.m. | 32\u00a0minutes ago\n \n Description : The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arb...", "creation_timestamp": "2026-07-09T12:03:01.091980Z"}</description>
      <content:encoded>{"uuid": "3ce5e181-ab04-4604-94f8-bfa1df6b5e7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq7lnwtosi2x", "content": "CVE-2026-56291 - Joomla Extension - balbooa.com - Unauthenticated file upload in Balbooa Forms extension\nCVE ID : CVE-2026-56291\n \n Published : July 9, 2026, 11:16 a.m. | 32\u00a0minutes ago\n \n Description : The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arb...", "creation_timestamp": "2026-07-09T12:03:01.091980Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3ce5e181-ab04-4604-94f8-bfa1df6b5e7a/export</guid>
      <pubDate>Thu, 09 Jul 2026 12:03:01 +0000</pubDate>
    </item>
    <item>
      <title>596be121-8685-40e9-802b-8ecb5f64837f</title>
      <link>https://vulnerability.circl.lu/sighting/596be121-8685-40e9-802b-8ecb5f64837f/export</link>
      <description>{"uuid": "596be121-8685-40e9-802b-8ecb5f64837f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56291", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mq7ljhukn42i", "content": "CRITICAL: Balbooa Forms for Joomla (1.0 \u2013 2.4.0) lets unauthenticated attackers upload and run files, enabling full RCE. No patch out. Restrict or disable use now. https://radar.offseq.com/threat/cve-2026-56291-cwe-434-unrestricted-upload-of-file-aa89baa3213ad239 #OffSeq #Joomla #Security", "creation_timestamp": "2026-07-09T12:00:31.415727Z"}</description>
      <content:encoded>{"uuid": "596be121-8685-40e9-802b-8ecb5f64837f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56291", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mq7ljhukn42i", "content": "CRITICAL: Balbooa Forms for Joomla (1.0 \u2013 2.4.0) lets unauthenticated attackers upload and run files, enabling full RCE. No patch out. Restrict or disable use now. https://radar.offseq.com/threat/cve-2026-56291-cwe-434-unrestricted-upload-of-file-aa89baa3213ad239 #OffSeq #Joomla #Security", "creation_timestamp": "2026-07-09T12:00:31.415727Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/596be121-8685-40e9-802b-8ecb5f64837f/export</guid>
      <pubDate>Thu, 09 Jul 2026 12:00:31 +0000</pubDate>
    </item>
    <item>
      <title>97f961ca-8449-4e8a-b840-03e61b27a54b</title>
      <link>https://vulnerability.circl.lu/sighting/97f961ca-8449-4e8a-b840-03e61b27a54b/export</link>
      <description>{"uuid": "97f961ca-8449-4e8a-b840-03e61b27a54b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56291", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116889906648087046", "content": "CVE-2026-56291 | CRITICAL: Balbooa Forms for Joomla (v1.0 \u2013 2.4.0) allows unauthenticated RCE via arbitrary file upload (CWE-434). No patch yet. Disable or restrict access until fixed. https://radar.offseq.com/threat/cve-2026-56291-cwe-434-unrestricted-upload-of-file-aa89baa3213ad239 #OffSeq #Joomla #RCE #Vuln", "creation_timestamp": "2026-07-09T12:00:30.367028Z"}</description>
      <content:encoded>{"uuid": "97f961ca-8449-4e8a-b840-03e61b27a54b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56291", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116889906648087046", "content": "CVE-2026-56291 | CRITICAL: Balbooa Forms for Joomla (v1.0 \u2013 2.4.0) allows unauthenticated RCE via arbitrary file upload (CWE-434). No patch yet. Disable or restrict access until fixed. https://radar.offseq.com/threat/cve-2026-56291-cwe-434-unrestricted-upload-of-file-aa89baa3213ad239 #OffSeq #Joomla #RCE #Vuln", "creation_timestamp": "2026-07-09T12:00:30.367028Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/97f961ca-8449-4e8a-b840-03e61b27a54b/export</guid>
      <pubDate>Thu, 09 Jul 2026 12:00:30 +0000</pubDate>
    </item>
  </channel>
</rss>
