https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 25 Jun 2026 02:38:29 +0000 https://vulnerability.circl.lu/sighting/d16df5c8-6792-417e-827e-49254ead2107/export {"uuid": "d16df5c8-6792-417e-827e-49254ead2107", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mlsl7vgh4q2i", "content": "Langflow CVE-2026-33017 Exploited to Steal AWS Keys and Deploy NATS Worker", "creation_timestamp": "2026-05-14T10:09:46.843426Z"} {"uuid": "d16df5c8-6792-417e-827e-49254ead2107", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mlsl7vgh4q2i", "content": "Langflow CVE-2026-33017 Exploited to Steal AWS Keys and Deploy NATS Worker", "creation_timestamp": "2026-05-14T10:09:46.843426Z"} https://vulnerability.circl.lu/sighting/d16df5c8-6792-417e-827e-49254ead2107/export Thu, 14 May 2026 10:09:46 +0000 https://vulnerability.circl.lu/sighting/615fab18-fab4-4fae-a6a9-42473f95ac21/export {"uuid": "615fab18-fab4-4fae-a6a9-42473f95ac21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/keesnk.bsky.social/post/3mlurl4zwqc2v", "content": "Langflow CVE-2026-33017 exploited to steal AWS Keys and deploy NATS Worker:\n\ncybersecuritynews.com/langflow-cve...", "creation_timestamp": "2026-05-15T07:08:47.158624Z"} {"uuid": "615fab18-fab4-4fae-a6a9-42473f95ac21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/keesnk.bsky.social/post/3mlurl4zwqc2v", "content": "Langflow CVE-2026-33017 exploited to steal AWS Keys and deploy NATS Worker:\n\ncybersecuritynews.com/langflow-cve...", "creation_timestamp": "2026-05-15T07:08:47.158624Z"} https://vulnerability.circl.lu/sighting/615fab18-fab4-4fae-a6a9-42473f95ac21/export Fri, 15 May 2026 07:08:47 +0000 https://vulnerability.circl.lu/sighting/865aaca7-d653-4d60-aaf1-8447661ad672/export {"uuid": "865aaca7-d653-4d60-aaf1-8447661ad672", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "MISP/d511a704-eba2-411a-9543-41e0e130f522", "content": "", "creation_timestamp": "2026-06-15T17:02:30.000000Z"} {"uuid": "865aaca7-d653-4d60-aaf1-8447661ad672", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "MISP/d511a704-eba2-411a-9543-41e0e130f522", "content": "", "creation_timestamp": "2026-06-15T17:02:30.000000Z"} https://vulnerability.circl.lu/sighting/865aaca7-d653-4d60-aaf1-8447661ad672/export Mon, 15 Jun 2026 17:02:30 +0000 https://vulnerability.circl.lu/sighting/2fbe1421-7a2a-4f23-b05b-da326ad8545f/export {"uuid": "2fbe1421-7a2a-4f23-b05b-da326ad8545f", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/8cb084c6-6aff-45a5-bf8e-4355fa241eca", "content": "", "creation_timestamp": "2026-06-19T12:45:14.248799Z"} {"uuid": "2fbe1421-7a2a-4f23-b05b-da326ad8545f", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/8cb084c6-6aff-45a5-bf8e-4355fa241eca", "content": "", "creation_timestamp": "2026-06-19T12:45:14.248799Z"} https://vulnerability.circl.lu/sighting/2fbe1421-7a2a-4f23-b05b-da326ad8545f/export Fri, 19 Jun 2026 12:45:14 +0000 https://vulnerability.circl.lu/sighting/a82900bd-07bc-473b-bd90-db6a4a8fee82/export {"uuid": "a82900bd-07bc-473b-bd90-db6a4a8fee82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mowy4gfv4z2p", "content": "AI GATEWAY UNDER ATTACK: HOW LANGFLOW CVE-2026-33017 TURNED INTO A GLOBAL CRYPTO-MINING BACKDOOR +\u00a0Video\n\nIntroduction: When AI Infrastructure Becomes the New Front Door A quiet shift is happening inside enterprise infrastructure. AI application frameworks, once seen as experimental tooling, are\u2026", "creation_timestamp": "2026-06-23T08:26:43.083278Z"} {"uuid": "a82900bd-07bc-473b-bd90-db6a4a8fee82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mowy4gfv4z2p", "content": "AI GATEWAY UNDER ATTACK: HOW LANGFLOW CVE-2026-33017 TURNED INTO A GLOBAL CRYPTO-MINING BACKDOOR +\u00a0Video\n\nIntroduction: When AI Infrastructure Becomes the New Front Door A quiet shift is happening inside enterprise infrastructure. AI application frameworks, once seen as experimental tooling, are\u2026", "creation_timestamp": "2026-06-23T08:26:43.083278Z"} https://vulnerability.circl.lu/sighting/a82900bd-07bc-473b-bd90-db6a4a8fee82/export Tue, 23 Jun 2026 08:26:43 +0000 https://vulnerability.circl.lu/sighting/b068df92-823d-46d1-a009-f249bcdd59f3/export {"uuid": "b068df92-823d-46d1-a009-f249bcdd59f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3moxg6i2l7z2x", "content": "~Trendmicro~\nAttackers are exploiting unauthenticated RCE in Langflow (CVE-2026-33017) to deploy Monero cryptominers and spread via SSH keys.\n-\nIOCs: 83[. ]142[. ]209[. ]214, 94[. ]156[. ]64[. ]241\n-\n#CVE202633017 #Cryptominer #ThreatIntel", "creation_timestamp": "2026-06-23T12:38:24.875608Z"} {"uuid": "b068df92-823d-46d1-a009-f249bcdd59f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3moxg6i2l7z2x", "content": "~Trendmicro~\nAttackers are exploiting unauthenticated RCE in Langflow (CVE-2026-33017) to deploy Monero cryptominers and spread via SSH keys.\n-\nIOCs: 83[. ]142[. ]209[. ]214, 94[. ]156[. ]64[. ]241\n-\n#CVE202633017 #Cryptominer #ThreatIntel", "creation_timestamp": "2026-06-23T12:38:24.875608Z"} https://vulnerability.circl.lu/sighting/b068df92-823d-46d1-a009-f249bcdd59f3/export Tue, 23 Jun 2026 12:38:24 +0000 https://vulnerability.circl.lu/sighting/fc286992-3935-451f-97f9-432d908c4ecf/export {"uuid": "fc286992-3935-451f-97f9-432d908c4ecf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3moxkrztiw52k", "content": "From Langflow to Monero: Inside CVE-2026-33017 Cryptominer", "creation_timestamp": "2026-06-23T14:00:55.670751Z"} {"uuid": "fc286992-3935-451f-97f9-432d908c4ecf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3moxkrztiw52k", "content": "From Langflow to Monero: Inside CVE-2026-33017 Cryptominer", "creation_timestamp": "2026-06-23T14:00:55.670751Z"} https://vulnerability.circl.lu/sighting/fc286992-3935-451f-97f9-432d908c4ecf/export Tue, 23 Jun 2026 14:00:55 +0000 https://vulnerability.circl.lu/sighting/b3c6bbbe-a2fd-4d07-83fa-15df4733d717/export {"uuid": "b3c6bbbe-a2fd-4d07-83fa-15df4733d717", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4c22e67d-9d27-44c8-8c13-0c5648d6928a", "content": "", "creation_timestamp": "2026-06-23T14:03:40.890321Z"} {"uuid": "b3c6bbbe-a2fd-4d07-83fa-15df4733d717", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4c22e67d-9d27-44c8-8c13-0c5648d6928a", "content": "", "creation_timestamp": "2026-06-23T14:03:40.890321Z"} https://vulnerability.circl.lu/sighting/b3c6bbbe-a2fd-4d07-83fa-15df4733d717/export Tue, 23 Jun 2026 14:03:40 +0000 https://vulnerability.circl.lu/sighting/213897e5-399e-45f5-bdfd-3eb6c345e8dd/export {"uuid": "213897e5-399e-45f5-bdfd-3eb6c345e8dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3moylhagu6c2v", "content": "CVE-2026-33017 in Langflow was abused to deploy a Monero cryptominer, disable defenses, and persist via reused SSH keys. The campaign used custom miner procq and tactics tied to KORKERDS. #Langflow #Monero #KORKERDS", "creation_timestamp": "2026-06-23T23:45:27.289562Z"} {"uuid": "213897e5-399e-45f5-bdfd-3eb6c345e8dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3moylhagu6c2v", "content": "CVE-2026-33017 in Langflow was abused to deploy a Monero cryptominer, disable defenses, and persist via reused SSH keys. The campaign used custom miner procq and tactics tied to KORKERDS. #Langflow #Monero #KORKERDS", "creation_timestamp": "2026-06-23T23:45:27.289562Z"} https://vulnerability.circl.lu/sighting/213897e5-399e-45f5-bdfd-3eb6c345e8dd/export Tue, 23 Jun 2026 23:45:27 +0000 https://vulnerability.circl.lu/sighting/80af1405-c9d1-41e7-9f60-65cd4017f926/export {"uuid": "80af1405-c9d1-41e7-9f60-65cd4017f926", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3mp2t7ffp4e2v", "content": "From Langflow to Monero: Inside CVE-2026-33017 Cryptominer", "creation_timestamp": "2026-06-24T21:09:32.812007Z"} {"uuid": "80af1405-c9d1-41e7-9f60-65cd4017f926", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33017", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3mp2t7ffp4e2v", "content": "From Langflow to Monero: Inside CVE-2026-33017 Cryptominer", "creation_timestamp": "2026-06-24T21:09:32.812007Z"} https://vulnerability.circl.lu/sighting/80af1405-c9d1-41e7-9f60-65cd4017f926/export Wed, 24 Jun 2026 21:09:32 +0000