<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Thu, 02 Jul 2026 10:37:41 +0000</lastBuildDate>
    <item>
      <title>eee79fb7-9d57-4fdf-af97-6837a9df4026</title>
      <link>https://vulnerability.circl.lu/sighting/eee79fb7-9d57-4fdf-af97-6837a9df4026/export</link>
      <description>{"uuid": "eee79fb7-9d57-4fdf-af97-6837a9df4026", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11525", "type": "seen", "source": "https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mozuke5jad2f", "content": "\n\ud83d\udea8 New LOW CVE detected in AWS Lambda \ud83d\udea8\nCVE-2026-11525 impacts undici in 1 Lambda base images.\n\nDetails: https://github.com/aws/aws-lambda-base-images/issues/581\nMore: https://lambdawatchdog.com/\n\n#AWS #Lambda #CVE #CloudSecurity #Serverless", "creation_timestamp": "2026-06-24T12:00:54.980245Z"}</description>
      <content:encoded>{"uuid": "eee79fb7-9d57-4fdf-af97-6837a9df4026", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11525", "type": "seen", "source": "https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mozuke5jad2f", "content": "\n\ud83d\udea8 New LOW CVE detected in AWS Lambda \ud83d\udea8\nCVE-2026-11525 impacts undici in 1 Lambda base images.\n\nDetails: https://github.com/aws/aws-lambda-base-images/issues/581\nMore: https://lambdawatchdog.com/\n\n#AWS #Lambda #CVE #CloudSecurity #Serverless", "creation_timestamp": "2026-06-24T12:00:54.980245Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/eee79fb7-9d57-4fdf-af97-6837a9df4026/export</guid>
      <pubDate>Wed, 24 Jun 2026 12:00:54 +0000</pubDate>
    </item>
    <item>
      <title>9b5c092e-4950-4992-b569-7710744067ec</title>
      <link>https://vulnerability.circl.lu/sighting/9b5c092e-4950-4992-b569-7710744067ec/export</link>
      <description>{"uuid": "9b5c092e-4950-4992-b569-7710744067ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11525", "type": "seen", "source": "https://bsky.app/profile/lambdawatchdog.bsky.social/post/3moxe4wehti2x", "content": "\n\ud83d\udea8 New LOW CVE detected in AWS Lambda \ud83d\udea8\nCVE-2026-11525 impacts undici in 1 Lambda base images.\n\nDetails: https://github.com/aws/aws-lambda-base-images/issues/580\nMore: https://lambdawatchdog.com/\n\n#AWS #Lambda #CVE #CloudSecurity #Serverless", "creation_timestamp": "2026-06-23T12:01:44.295826Z"}</description>
      <content:encoded>{"uuid": "9b5c092e-4950-4992-b569-7710744067ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11525", "type": "seen", "source": "https://bsky.app/profile/lambdawatchdog.bsky.social/post/3moxe4wehti2x", "content": "\n\ud83d\udea8 New LOW CVE detected in AWS Lambda \ud83d\udea8\nCVE-2026-11525 impacts undici in 1 Lambda base images.\n\nDetails: https://github.com/aws/aws-lambda-base-images/issues/580\nMore: https://lambdawatchdog.com/\n\n#AWS #Lambda #CVE #CloudSecurity #Serverless", "creation_timestamp": "2026-06-23T12:01:44.295826Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/9b5c092e-4950-4992-b569-7710744067ec/export</guid>
      <pubDate>Tue, 23 Jun 2026 12:01:44 +0000</pubDate>
    </item>
    <item>
      <title>3cb93659-856f-49f9-a3cc-0d004a1f9277</title>
      <link>https://vulnerability.circl.lu/sighting/3cb93659-856f-49f9-a3cc-0d004a1f9277/export</link>
      <description>{"uuid": "3cb93659-856f-49f9-a3cc-0d004a1f9277", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11527", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mosekpzves2i", "content": "CVE-2026-11527: falha no libconfig-inifiles-perl do #Debian / #Ubuntu permite inje\u00e7\u00e3o de comandos via nomes de arquivo maliciosos.   Saiba mais: -&amp;gt;  tinyurl.com/u534n7ye", "creation_timestamp": "2026-06-21T12:26:09.978843Z"}</description>
      <content:encoded>{"uuid": "3cb93659-856f-49f9-a3cc-0d004a1f9277", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11527", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mosekpzves2i", "content": "CVE-2026-11527: falha no libconfig-inifiles-perl do #Debian / #Ubuntu permite inje\u00e7\u00e3o de comandos via nomes de arquivo maliciosos.   Saiba mais: -&amp;gt;  tinyurl.com/u534n7ye", "creation_timestamp": "2026-06-21T12:26:09.978843Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3cb93659-856f-49f9-a3cc-0d004a1f9277/export</guid>
      <pubDate>Sun, 21 Jun 2026 12:26:09 +0000</pubDate>
    </item>
    <item>
      <title>2f6f756b-0472-4779-8b9f-e08719cafa33</title>
      <link>https://vulnerability.circl.lu/sighting/2f6f756b-0472-4779-8b9f-e08719cafa33/export</link>
      <description>{"uuid": "2f6f756b-0472-4779-8b9f-e08719cafa33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11527", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mosekpb6ec2i", "content": "CVE-2026-11527: falha no libconfig-inifiles-perl do #Debian / #Ubuntu permite inje\u00e7\u00e3o de comandos via nomes de arquivo maliciosos.   Saiba mais: -&amp;gt;  tinyurl.com/u534n7ye", "creation_timestamp": "2026-06-21T12:26:09.436062Z"}</description>
      <content:encoded>{"uuid": "2f6f756b-0472-4779-8b9f-e08719cafa33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11527", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mosekpb6ec2i", "content": "CVE-2026-11527: falha no libconfig-inifiles-perl do #Debian / #Ubuntu permite inje\u00e7\u00e3o de comandos via nomes de arquivo maliciosos.   Saiba mais: -&amp;gt;  tinyurl.com/u534n7ye", "creation_timestamp": "2026-06-21T12:26:09.436062Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/2f6f756b-0472-4779-8b9f-e08719cafa33/export</guid>
      <pubDate>Sun, 21 Jun 2026 12:26:09 +0000</pubDate>
    </item>
    <item>
      <title>016e2496-f040-4be0-b114-72d72ce6c4d2</title>
      <link>https://vulnerability.circl.lu/sighting/016e2496-f040-4be0-b114-72d72ce6c4d2/export</link>
      <description>{"uuid": "016e2496-f040-4be0-b114-72d72ce6c4d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11525", "type": "seen", "source": "https://bsky.app/profile/nodeland.dev/post/3mol72ndrtt2r", "content": "\ud83d\udd35 Low: SameSite downgrade (CVE-2026-11525).\nSubstring matching meant `SameSite=NoneOfYourBusiness` parsed as `None` and `StrictLax` as `Lax`, silently weakening cookie policies. v6/v7/v8.", "creation_timestamp": "2026-06-18T15:59:06.190352Z"}</description>
      <content:encoded>{"uuid": "016e2496-f040-4be0-b114-72d72ce6c4d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11525", "type": "seen", "source": "https://bsky.app/profile/nodeland.dev/post/3mol72ndrtt2r", "content": "\ud83d\udd35 Low: SameSite downgrade (CVE-2026-11525).\nSubstring matching meant `SameSite=NoneOfYourBusiness` parsed as `None` and `StrictLax` as `Lax`, silently weakening cookie policies. v6/v7/v8.", "creation_timestamp": "2026-06-18T15:59:06.190352Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/016e2496-f040-4be0-b114-72d72ce6c4d2/export</guid>
      <pubDate>Thu, 18 Jun 2026 15:59:06 +0000</pubDate>
    </item>
    <item>
      <title>1a6603a6-7f60-4539-8209-94f722390f0b</title>
      <link>https://vulnerability.circl.lu/sighting/1a6603a6-7f60-4539-8209-94f722390f0b/export</link>
      <description>{"uuid": "1a6603a6-7f60-4539-8209-94f722390f0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11525", "type": "seen", "source": "https://bsky.app/profile/ulisesgascon.com/post/3moitvr3dbc2g", "content": "\ud83d\udea8 Low-severity security fix in undici (6.26.0, 7.28.0, 8.5.0) just released!\n\nPatches CVE-2026-11525. undici vulnerable to Set-Cookie SameSite attribute downgrade via permissive substring matching.\n\ngithub.com/nodejs/undic...", "creation_timestamp": "2026-06-17T17:34:09.494193Z"}</description>
      <content:encoded>{"uuid": "1a6603a6-7f60-4539-8209-94f722390f0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11525", "type": "seen", "source": "https://bsky.app/profile/ulisesgascon.com/post/3moitvr3dbc2g", "content": "\ud83d\udea8 Low-severity security fix in undici (6.26.0, 7.28.0, 8.5.0) just released!\n\nPatches CVE-2026-11525. undici vulnerable to Set-Cookie SameSite attribute downgrade via permissive substring matching.\n\ngithub.com/nodejs/undic...", "creation_timestamp": "2026-06-17T17:34:09.494193Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1a6603a6-7f60-4539-8209-94f722390f0b/export</guid>
      <pubDate>Wed, 17 Jun 2026 17:34:09 +0000</pubDate>
    </item>
    <item>
      <title>04c7c49d-cb2a-4ea7-ac44-b742e2efb3a6</title>
      <link>https://vulnerability.circl.lu/sighting/04c7c49d-cb2a-4ea7-ac44-b742e2efb3a6/export</link>
      <description>{"uuid": "04c7c49d-cb2a-4ea7-ac44-b742e2efb3a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11526", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3moid7skjpc2b", "content": "\u26a0\ufe0f CVE-2026-11526: falha cr\u00edtica no libgd-perl permite execu\u00e7\u00e3o de comandos no #Debian. Vers\u00e3o corrigida: 2.78-1+deb13u1.  Saiba mais: -&amp;gt;  tinyurl.com/ja7274nf", "creation_timestamp": "2026-06-17T12:35:33.801233Z"}</description>
      <content:encoded>{"uuid": "04c7c49d-cb2a-4ea7-ac44-b742e2efb3a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11526", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3moid7skjpc2b", "content": "\u26a0\ufe0f CVE-2026-11526: falha cr\u00edtica no libgd-perl permite execu\u00e7\u00e3o de comandos no #Debian. Vers\u00e3o corrigida: 2.78-1+deb13u1.  Saiba mais: -&amp;gt;  tinyurl.com/ja7274nf", "creation_timestamp": "2026-06-17T12:35:33.801233Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/04c7c49d-cb2a-4ea7-ac44-b742e2efb3a6/export</guid>
      <pubDate>Wed, 17 Jun 2026 12:35:33 +0000</pubDate>
    </item>
    <item>
      <title>b7fb9b42-f3e6-47a4-be79-5f249f48fb2d</title>
      <link>https://vulnerability.circl.lu/sighting/b7fb9b42-f3e6-47a4-be79-5f249f48fb2d/export</link>
      <description>{"uuid": "b7fb9b42-f3e6-47a4-be79-5f249f48fb2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11526", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3moid7rl3ts2b", "content": "\u26a0\ufe0f CVE-2026-11526: falha cr\u00edtica no libgd-perl permite execu\u00e7\u00e3o de comandos no #Debian. Vers\u00e3o corrigida: 2.78-1+deb13u1.  Saiba mais: -&amp;gt;  tinyurl.com/ja7274nf", "creation_timestamp": "2026-06-17T12:35:33.269992Z"}</description>
      <content:encoded>{"uuid": "b7fb9b42-f3e6-47a4-be79-5f249f48fb2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11526", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3moid7rl3ts2b", "content": "\u26a0\ufe0f CVE-2026-11526: falha cr\u00edtica no libgd-perl permite execu\u00e7\u00e3o de comandos no #Debian. Vers\u00e3o corrigida: 2.78-1+deb13u1.  Saiba mais: -&amp;gt;  tinyurl.com/ja7274nf", "creation_timestamp": "2026-06-17T12:35:33.269992Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b7fb9b42-f3e6-47a4-be79-5f249f48fb2d/export</guid>
      <pubDate>Wed, 17 Jun 2026 12:35:33 +0000</pubDate>
    </item>
    <item>
      <title>16e19ae6-287e-4823-8aef-92916b491e88</title>
      <link>https://vulnerability.circl.lu/sighting/16e19ae6-287e-4823-8aef-92916b491e88/export</link>
      <description>{"uuid": "16e19ae6-287e-4823-8aef-92916b491e88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11526", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3mog3r7wvp42j", "content": "Perl's GD module patched CVE-2026-11526 in 2.86: passing a filename that begins or ends with a pipe to an image constructor could execute a shell command, thanks to 2-arg open(). The fix uses 3-arg open. When did you last audit your open() calls?\n#Perl", "creation_timestamp": "2026-06-16T15:16:46.264527Z"}</description>
      <content:encoded>{"uuid": "16e19ae6-287e-4823-8aef-92916b491e88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11526", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3mog3r7wvp42j", "content": "Perl's GD module patched CVE-2026-11526 in 2.86: passing a filename that begins or ends with a pipe to an image constructor could execute a shell command, thanks to 2-arg open(). The fix uses 3-arg open. When did you last audit your open() calls?\n#Perl", "creation_timestamp": "2026-06-16T15:16:46.264527Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/16e19ae6-287e-4823-8aef-92916b491e88/export</guid>
      <pubDate>Tue, 16 Jun 2026 15:16:46 +0000</pubDate>
    </item>
    <item>
      <title>dae129e2-f896-46db-a1a3-94bdde4e73d0</title>
      <link>https://vulnerability.circl.lu/sighting/dae129e2-f896-46db-a1a3-94bdde4e73d0/export</link>
      <description>{"uuid": "dae129e2-f896-46db-a1a3-94bdde4e73d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11526", "type": "seen", "source": "https://bsky.app/profile/cybersecinsight.bsky.social/post/3mod763bfml2v", "content": "\ud83d\udd0d Vulnerability Spotlight | Part 2/3\n\n\u26a0\ufe0f CVE-2026-11526\n\nGD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle.\n\nGD::I...", "creation_timestamp": "2026-06-15T11:39:39.627065Z"}</description>
      <content:encoded>{"uuid": "dae129e2-f896-46db-a1a3-94bdde4e73d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11526", "type": "seen", "source": "https://bsky.app/profile/cybersecinsight.bsky.social/post/3mod763bfml2v", "content": "\ud83d\udd0d Vulnerability Spotlight | Part 2/3\n\n\u26a0\ufe0f CVE-2026-11526\n\nGD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle.\n\nGD::I...", "creation_timestamp": "2026-06-15T11:39:39.627065Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/dae129e2-f896-46db-a1a3-94bdde4e73d0/export</guid>
      <pubDate>Mon, 15 Jun 2026 11:39:39 +0000</pubDate>
    </item>
  </channel>
</rss>
