<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Fri, 17 Jul 2026 12:14:42 +0000</lastBuildDate>
    <item>
      <title>33359741-2a95-4e03-b83c-02485ebea053</title>
      <link>https://vulnerability.circl.lu/sighting/33359741-2a95-4e03-b83c-02485ebea053/export</link>
      <description>{"uuid": "33359741-2a95-4e03-b83c-02485ebea053", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63305", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqrjozn2vn2w", "content": "CVE-2026-63305 - AVideo through 29.0 OS Command Injection via ffmpeg.json.php\nCVE ID : CVE-2026-63305\n \n Published : July 16, 2026, 1:16 p.m. | 1\u00a0hour, 18\u00a0minutes ago\n \n Description : AVideo through 29.0 contains an OS command injection vulnerability in the ffmpeg.json.php end...", "creation_timestamp": "2026-07-16T15:15:45.509292Z"}</description>
      <content:encoded>{"uuid": "33359741-2a95-4e03-b83c-02485ebea053", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63305", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqrjozn2vn2w", "content": "CVE-2026-63305 - AVideo through 29.0 OS Command Injection via ffmpeg.json.php\nCVE ID : CVE-2026-63305\n \n Published : July 16, 2026, 1:16 p.m. | 1\u00a0hour, 18\u00a0minutes ago\n \n Description : AVideo through 29.0 contains an OS command injection vulnerability in the ffmpeg.json.php end...", "creation_timestamp": "2026-07-16T15:15:45.509292Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/33359741-2a95-4e03-b83c-02485ebea053/export</guid>
      <pubDate>Thu, 16 Jul 2026 15:15:45 +0000</pubDate>
    </item>
    <item>
      <title>a1bf6183-6e5d-4203-bb82-b80805647f63</title>
      <link>https://vulnerability.circl.lu/sighting/a1bf6183-6e5d-4203-bb82-b80805647f63/export</link>
      <description>{"uuid": "a1bf6183-6e5d-4203-bb82-b80805647f63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63305", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqrel3xc7x2o", "content": "CVE-2026-63305\nAVideo versions up to 29.0 have a security flaw that allows attackers to execute system commands. This can be exploited by sending specially crafted data to the ffmpeg.json.php endpoint. To protect your system,\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-16T13:44:04.967576Z"}</description>
      <content:encoded>{"uuid": "a1bf6183-6e5d-4203-bb82-b80805647f63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-63305", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqrel3xc7x2o", "content": "CVE-2026-63305\nAVideo versions up to 29.0 have a security flaw that allows attackers to execute system commands. This can be exploited by sending specially crafted data to the ffmpeg.json.php endpoint. To protect your system,\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-16T13:44:04.967576Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a1bf6183-6e5d-4203-bb82-b80805647f63/export</guid>
      <pubDate>Thu, 16 Jul 2026 13:44:04 +0000</pubDate>
    </item>
    <item>
      <title>8538d743-9165-468c-98f2-c6aa950a07b0</title>
      <link>https://vulnerability.circl.lu/sighting/8538d743-9165-468c-98f2-c6aa950a07b0/export</link>
      <description>{"uuid": "8538d743-9165-468c-98f2-c6aa950a07b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-63305", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqrdssbvep2z", "content": "WWBN AVideo \u226429.0 is affected by a CRITICAL (CVSS 9.2) OS command injection (CVE-2026-63305). Restrict ffmpeg.json.php access &amp;amp; monitor for suspicious activity until a patch is available. https://radar.offseq.com/threat/cve-2026-63305-improper-neutralization-of-special--2152563144062b29 #OffSeq #...", "creation_timestamp": "2026-07-16T13:30:30.763641Z"}</description>
      <content:encoded>{"uuid": "8538d743-9165-468c-98f2-c6aa950a07b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-63305", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqrdssbvep2z", "content": "WWBN AVideo \u226429.0 is affected by a CRITICAL (CVSS 9.2) OS command injection (CVE-2026-63305). Restrict ffmpeg.json.php access &amp;amp; monitor for suspicious activity until a patch is available. https://radar.offseq.com/threat/cve-2026-63305-improper-neutralization-of-special--2152563144062b29 #OffSeq #...", "creation_timestamp": "2026-07-16T13:30:30.763641Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/8538d743-9165-468c-98f2-c6aa950a07b0/export</guid>
      <pubDate>Thu, 16 Jul 2026 13:30:30 +0000</pubDate>
    </item>
    <item>
      <title>83ba766c-2600-43bb-b483-7c63cc9c2666</title>
      <link>https://vulnerability.circl.lu/sighting/83ba766c-2600-43bb-b483-7c63cc9c2666/export</link>
      <description>{"uuid": "83ba766c-2600-43bb-b483-7c63cc9c2666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-63305", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116929896586145034", "content": "CRITICAL: CVE-2026-63305 impacts WWBN AVideo \u226429.0. OS command injection in ffmpeg.json.php allows arbitrary command execution as the web-server user. No patch yet \u2014 restrict access &amp;amp; monitor logs. Details: https://radar.offseq.com/threat/cve-2026-63305-improper-neutralization-of-special--2152563144062b29 #OffSeq #Vuln #WWBN #CVE202663305", "creation_timestamp": "2026-07-16T13:30:27.831080Z"}</description>
      <content:encoded>{"uuid": "83ba766c-2600-43bb-b483-7c63cc9c2666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-63305", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116929896586145034", "content": "CRITICAL: CVE-2026-63305 impacts WWBN AVideo \u226429.0. OS command injection in ffmpeg.json.php allows arbitrary command execution as the web-server user. No patch yet \u2014 restrict access &amp;amp; monitor logs. Details: https://radar.offseq.com/threat/cve-2026-63305-improper-neutralization-of-special--2152563144062b29 #OffSeq #Vuln #WWBN #CVE202663305", "creation_timestamp": "2026-07-16T13:30:27.831080Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/83ba766c-2600-43bb-b483-7c63cc9c2666/export</guid>
      <pubDate>Thu, 16 Jul 2026 13:30:27 +0000</pubDate>
    </item>
  </channel>
</rss>
