Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sat, 27 Jun 2026 14:31:19 +0000 a82900bd-07bc-473b-bd90-db6a4a8fee82 https://vulnerability.circl.lu/sighting/a82900bd-07bc-473b-bd90-db6a4a8fee82/export {"uuid": "a82900bd-07bc-473b-bd90-db6a4a8fee82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mowy4gfv4z2p", "content": "AI GATEWAY UNDER ATTACK: HOW LANGFLOW CVE-2026-33017 TURNED INTO A GLOBAL CRYPTO-MINING BACKDOOR +\u00a0Video\n\nIntroduction: When AI Infrastructure Becomes the New Front Door A quiet shift is happening inside enterprise infrastructure. AI application frameworks, once seen as experimental tooling, are\u2026", "creation_timestamp": "2026-06-23T08:26:43.083278Z"} {"uuid": "a82900bd-07bc-473b-bd90-db6a4a8fee82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mowy4gfv4z2p", "content": "AI GATEWAY UNDER ATTACK: HOW LANGFLOW CVE-2026-33017 TURNED INTO A GLOBAL CRYPTO-MINING BACKDOOR +\u00a0Video\n\nIntroduction: When AI Infrastructure Becomes the New Front Door A quiet shift is happening inside enterprise infrastructure. AI application frameworks, once seen as experimental tooling, are\u2026", "creation_timestamp": "2026-06-23T08:26:43.083278Z"} https://vulnerability.circl.lu/sighting/a82900bd-07bc-473b-bd90-db6a4a8fee82/export Tue, 23 Jun 2026 08:26:43 +0000 b068df92-823d-46d1-a009-f249bcdd59f3 https://vulnerability.circl.lu/sighting/b068df92-823d-46d1-a009-f249bcdd59f3/export {"uuid": "b068df92-823d-46d1-a009-f249bcdd59f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3moxg6i2l7z2x", "content": "~Trendmicro~\nAttackers are exploiting unauthenticated RCE in Langflow (CVE-2026-33017) to deploy Monero cryptominers and spread via SSH keys.\n-\nIOCs: 83[. ]142[. ]209[. ]214, 94[. ]156[. ]64[. ]241\n-\n#CVE202633017 #Cryptominer #ThreatIntel", "creation_timestamp": "2026-06-23T12:38:24.875608Z"} {"uuid": "b068df92-823d-46d1-a009-f249bcdd59f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3moxg6i2l7z2x", "content": "~Trendmicro~\nAttackers are exploiting unauthenticated RCE in Langflow (CVE-2026-33017) to deploy Monero cryptominers and spread via SSH keys.\n-\nIOCs: 83[. ]142[. ]209[. ]214, 94[. ]156[. ]64[. ]241\n-\n#CVE202633017 #Cryptominer #ThreatIntel", "creation_timestamp": "2026-06-23T12:38:24.875608Z"} https://vulnerability.circl.lu/sighting/b068df92-823d-46d1-a009-f249bcdd59f3/export Tue, 23 Jun 2026 12:38:24 +0000 fc286992-3935-451f-97f9-432d908c4ecf https://vulnerability.circl.lu/sighting/fc286992-3935-451f-97f9-432d908c4ecf/export {"uuid": "fc286992-3935-451f-97f9-432d908c4ecf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3moxkrztiw52k", "content": "From Langflow to Monero: Inside CVE-2026-33017 Cryptominer", "creation_timestamp": "2026-06-23T14:00:55.670751Z"} {"uuid": "fc286992-3935-451f-97f9-432d908c4ecf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3moxkrztiw52k", "content": "From Langflow to Monero: Inside CVE-2026-33017 Cryptominer", "creation_timestamp": "2026-06-23T14:00:55.670751Z"} https://vulnerability.circl.lu/sighting/fc286992-3935-451f-97f9-432d908c4ecf/export Tue, 23 Jun 2026 14:00:55 +0000 b3c6bbbe-a2fd-4d07-83fa-15df4733d717 https://vulnerability.circl.lu/sighting/b3c6bbbe-a2fd-4d07-83fa-15df4733d717/export {"uuid": "b3c6bbbe-a2fd-4d07-83fa-15df4733d717", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4c22e67d-9d27-44c8-8c13-0c5648d6928a", "content": "", "creation_timestamp": "2026-06-23T14:03:40.890321Z"} {"uuid": "b3c6bbbe-a2fd-4d07-83fa-15df4733d717", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4c22e67d-9d27-44c8-8c13-0c5648d6928a", "content": "", "creation_timestamp": "2026-06-23T14:03:40.890321Z"} https://vulnerability.circl.lu/sighting/b3c6bbbe-a2fd-4d07-83fa-15df4733d717/export Tue, 23 Jun 2026 14:03:40 +0000 213897e5-399e-45f5-bdfd-3eb6c345e8dd https://vulnerability.circl.lu/sighting/213897e5-399e-45f5-bdfd-3eb6c345e8dd/export {"uuid": "213897e5-399e-45f5-bdfd-3eb6c345e8dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3moylhagu6c2v", "content": "CVE-2026-33017 in Langflow was abused to deploy a Monero cryptominer, disable defenses, and persist via reused SSH keys. The campaign used custom miner procq and tactics tied to KORKERDS. #Langflow #Monero #KORKERDS", "creation_timestamp": "2026-06-23T23:45:27.289562Z"} {"uuid": "213897e5-399e-45f5-bdfd-3eb6c345e8dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3moylhagu6c2v", "content": "CVE-2026-33017 in Langflow was abused to deploy a Monero cryptominer, disable defenses, and persist via reused SSH keys. The campaign used custom miner procq and tactics tied to KORKERDS. #Langflow #Monero #KORKERDS", "creation_timestamp": "2026-06-23T23:45:27.289562Z"} https://vulnerability.circl.lu/sighting/213897e5-399e-45f5-bdfd-3eb6c345e8dd/export Tue, 23 Jun 2026 23:45:27 +0000 80af1405-c9d1-41e7-9f60-65cd4017f926 https://vulnerability.circl.lu/sighting/80af1405-c9d1-41e7-9f60-65cd4017f926/export {"uuid": "80af1405-c9d1-41e7-9f60-65cd4017f926", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3mp2t7ffp4e2v", "content": "From Langflow to Monero: Inside CVE-2026-33017 Cryptominer", "creation_timestamp": "2026-06-24T21:09:32.812007Z"} {"uuid": "80af1405-c9d1-41e7-9f60-65cd4017f926", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3mp2t7ffp4e2v", "content": "From Langflow to Monero: Inside CVE-2026-33017 Cryptominer", "creation_timestamp": "2026-06-24T21:09:32.812007Z"} https://vulnerability.circl.lu/sighting/80af1405-c9d1-41e7-9f60-65cd4017f926/export Wed, 24 Jun 2026 21:09:32 +0000 14b0f96e-faeb-4936-b27c-8054cebb848c https://vulnerability.circl.lu/sighting/14b0f96e-faeb-4936-b27c-8054cebb848c/export {"uuid": "14b0f96e-faeb-4936-b27c-8054cebb848c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mp4cb54pcv2g", "content": "CRITICAL ALERT: Langflow RCE Vulnerability Lets Attackers Execute Python Code Remotely With One Request (CVE-2026-33017) +\u00a0Video\n\n\ud83e\udde0 Introduction: When AI Infrastructure Becomes an Open Door Introduction In the rapidly expanding world of AI orchestration and Retrieval-Augmented Generation (RAG)\u2026", "creation_timestamp": "2026-06-25T11:11:37.189067Z"} {"uuid": "14b0f96e-faeb-4936-b27c-8054cebb848c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mp4cb54pcv2g", "content": "CRITICAL ALERT: Langflow RCE Vulnerability Lets Attackers Execute Python Code Remotely With One Request (CVE-2026-33017) +\u00a0Video\n\n\ud83e\udde0 Introduction: When AI Infrastructure Becomes an Open Door Introduction In the rapidly expanding world of AI orchestration and Retrieval-Augmented Generation (RAG)\u2026", "creation_timestamp": "2026-06-25T11:11:37.189067Z"} https://vulnerability.circl.lu/sighting/14b0f96e-faeb-4936-b27c-8054cebb848c/export Thu, 25 Jun 2026 11:11:37 +0000 87b16978-4010-44ab-b5b7-13eb1e77698d https://vulnerability.circl.lu/sighting/87b16978-4010-44ab-b5b7-13eb1e77698d/export {"uuid": "87b16978-4010-44ab-b5b7-13eb1e77698d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "MISP/92de9105-2dc0-4c15-9b9c-ea9a2dd75d29", "content": "", "creation_timestamp": "2026-06-25T12:15:03.202147Z"} {"uuid": "87b16978-4010-44ab-b5b7-13eb1e77698d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "MISP/92de9105-2dc0-4c15-9b9c-ea9a2dd75d29", "content": "", "creation_timestamp": "2026-06-25T12:15:03.202147Z"} https://vulnerability.circl.lu/sighting/87b16978-4010-44ab-b5b7-13eb1e77698d/export Thu, 25 Jun 2026 12:15:03 +0000 339d3915-ead8-4661-aed4-c16332cd5335 https://vulnerability.circl.lu/sighting/339d3915-ead8-4661-aed4-c16332cd5335/export {"uuid": "339d3915-ead8-4661-aed4-c16332cd5335", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-33017", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3mp6trdemt52x", "content": "\ud83d\udce2 CVE-2026-33017 : des cryptomineurs Monero exploitent Langflow via RCE non authentifi\u00e9e\n\ud83d\udcdd ## \ud83d\udd0d Contexte\n\nPubli\u00e9 le 23 juin 2026 par Trend Micro \u2026\nhttps://cyberveille.ch/posts/2026-06-26-cve-2026-33017-des-cryptomineurs-monero-exploitent-langflow-via-rce-non-authentifiee/ #CVE_2025_3248 #Cyberveille", "creation_timestamp": "2026-06-26T11:30:13.656912Z"} {"uuid": "339d3915-ead8-4661-aed4-c16332cd5335", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-33017", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3mp6trdemt52x", "content": "\ud83d\udce2 CVE-2026-33017 : des cryptomineurs Monero exploitent Langflow via RCE non authentifi\u00e9e\n\ud83d\udcdd ## \ud83d\udd0d Contexte\n\nPubli\u00e9 le 23 juin 2026 par Trend Micro \u2026\nhttps://cyberveille.ch/posts/2026-06-26-cve-2026-33017-des-cryptomineurs-monero-exploitent-langflow-via-rce-non-authentifiee/ #CVE_2025_3248 #Cyberveille", "creation_timestamp": "2026-06-26T11:30:13.656912Z"} https://vulnerability.circl.lu/sighting/339d3915-ead8-4661-aed4-c16332cd5335/export Fri, 26 Jun 2026 11:30:13 +0000 2397587b-4092-43fe-80d4-118cf15c82f7 https://vulnerability.circl.lu/sighting/2397587b-4092-43fe-80d4-118cf15c82f7/export {"uuid": "2397587b-4092-43fe-80d4-118cf15c82f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mpabcxoaex23", "content": "Langflow Cryptominer Malware Exploits\u00a0CVE-2026-33017\n\nAt least 39 rival malware families appear on a kill list used by a new Langflow cryptominer malware campaign. Threat actors now target exposed artificial intelligence application endpoints to breach enterprise networks. They exploit\u2026", "creation_timestamp": "2026-06-27T01:05:25.454067Z"} {"uuid": "2397587b-4092-43fe-80d4-118cf15c82f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mpabcxoaex23", "content": "Langflow Cryptominer Malware Exploits\u00a0CVE-2026-33017\n\nAt least 39 rival malware families appear on a kill list used by a new Langflow cryptominer malware campaign. Threat actors now target exposed artificial intelligence application endpoints to breach enterprise networks. They exploit\u2026", "creation_timestamp": "2026-06-27T01:05:25.454067Z"} https://vulnerability.circl.lu/sighting/2397587b-4092-43fe-80d4-118cf15c82f7/export Sat, 27 Jun 2026 01:05:25 +0000