<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Fri, 03 Jul 2026 07:38:36 +0000</lastBuildDate>
    <item>
      <title>980d8e1d-db16-4835-b8da-1e612054ae39</title>
      <link>https://vulnerability.circl.lu/sighting/980d8e1d-db16-4835-b8da-1e612054ae39/export</link>
      <description>{"uuid": "980d8e1d-db16-4835-b8da-1e612054ae39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-39813", "type": "seen", "source": "https://www.acn.gov.it/portale/w/fortibleed-esposizione-di-credenziali-ssl-vpn-associate-a-dispositivi-fortinet-esposti-su-internet", "content": "", "creation_timestamp": "2026-06-25T16:45:18.106835Z"}</description>
      <content:encoded>{"uuid": "980d8e1d-db16-4835-b8da-1e612054ae39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-39813", "type": "seen", "source": "https://www.acn.gov.it/portale/w/fortibleed-esposizione-di-credenziali-ssl-vpn-associate-a-dispositivi-fortinet-esposti-su-internet", "content": "", "creation_timestamp": "2026-06-25T16:45:18.106835Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/980d8e1d-db16-4835-b8da-1e612054ae39/export</guid>
      <pubDate>Thu, 25 Jun 2026 16:45:18 +0000</pubDate>
    </item>
    <item>
      <title>a0920e0f-45fb-4b2c-a223-5cea86446478</title>
      <link>https://vulnerability.circl.lu/sighting/a0920e0f-45fb-4b2c-a223-5cea86446478/export</link>
      <description>{"uuid": "a0920e0f-45fb-4b2c-a223-5cea86446478", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39813", "type": "seen", "source": "https://bsky.app/profile/termsofsurrender.bsky.social/post/3mozmerczap26", "content": "FortiSandbox Gets Rooted While Everyone Stares at the Dashboard\nPANIC 88% | Lag 0.0h | Threat actors are chaining multiple FortiSandbox vulnerabilities, including CVE-2026-39813, to achie\n#AfterShockIndex\nREAD MORE", "creation_timestamp": "2026-06-24T09:34:36.994844Z"}</description>
      <content:encoded>{"uuid": "a0920e0f-45fb-4b2c-a223-5cea86446478", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39813", "type": "seen", "source": "https://bsky.app/profile/termsofsurrender.bsky.social/post/3mozmerczap26", "content": "FortiSandbox Gets Rooted While Everyone Stares at the Dashboard\nPANIC 88% | Lag 0.0h | Threat actors are chaining multiple FortiSandbox vulnerabilities, including CVE-2026-39813, to achie\n#AfterShockIndex\nREAD MORE", "creation_timestamp": "2026-06-24T09:34:36.994844Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a0920e0f-45fb-4b2c-a223-5cea86446478/export</guid>
      <pubDate>Wed, 24 Jun 2026 09:34:36 +0000</pubDate>
    </item>
    <item>
      <title>f54d31f8-c97a-4b5c-8f29-3e57aa0f4dc3</title>
      <link>https://vulnerability.circl.lu/sighting/f54d31f8-c97a-4b5c-8f29-3e57aa0f4dc3/export</link>
      <description>{"uuid": "f54d31f8-c97a-4b5c-8f29-3e57aa0f4dc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39813", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3moy45riuqj2r", "content": "\ud83d\udea8 ACTIVE EXPLOITATION: Threat actors are chaining three FortiSandbox vulnerabilities (CVE-2026-39813, et al.) for unauthenticated RCE and full root takeover. Patch immediately to prevent sandbox compromise. #infosec #vulnerability #fortinet\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-23T19:11:43.599864Z"}</description>
      <content:encoded>{"uuid": "f54d31f8-c97a-4b5c-8f29-3e57aa0f4dc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39813", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3moy45riuqj2r", "content": "\ud83d\udea8 ACTIVE EXPLOITATION: Threat actors are chaining three FortiSandbox vulnerabilities (CVE-2026-39813, et al.) for unauthenticated RCE and full root takeover. Patch immediately to prevent sandbox compromise. #infosec #vulnerability #fortinet\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-23T19:11:43.599864Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/f54d31f8-c97a-4b5c-8f29-3e57aa0f4dc3/export</guid>
      <pubDate>Tue, 23 Jun 2026 19:11:43 +0000</pubDate>
    </item>
    <item>
      <title>18c2e061-a8bb-4b62-9bd4-8eac927684dc</title>
      <link>https://vulnerability.circl.lu/sighting/18c2e061-a8bb-4b62-9bd4-8eac927684dc/export</link>
      <description>{"uuid": "18c2e061-a8bb-4b62-9bd4-8eac927684dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39813", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116801003102879891", "content": "\ud83d\udcf0 FortiSandbox Vulnerabilities Chained for Root-Level Takeover, Active Exploits in Wild\n\ud83d\udea8 ACTIVE EXPLOITATION: Threat actors are chaining three FortiSandbox vulnerabilities (CVE-2026-39813, et al.) for unauthenticated RCE and full root takeover. Patch immediately to prevent sandbox compromise. #infosec #vulnerability #fortinet\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/exploitation-of-multiple-fortisandbox-vulnerabilities-observed-in-the-wild/?u\u2026", "creation_timestamp": "2026-06-23T19:11:13.178159Z"}</description>
      <content:encoded>{"uuid": "18c2e061-a8bb-4b62-9bd4-8eac927684dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39813", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116801003102879891", "content": "\ud83d\udcf0 FortiSandbox Vulnerabilities Chained for Root-Level Takeover, Active Exploits in Wild\n\ud83d\udea8 ACTIVE EXPLOITATION: Threat actors are chaining three FortiSandbox vulnerabilities (CVE-2026-39813, et al.) for unauthenticated RCE and full root takeover. Patch immediately to prevent sandbox compromise. #infosec #vulnerability #fortinet\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/exploitation-of-multiple-fortisandbox-vulnerabilities-observed-in-the-wild/?u\u2026", "creation_timestamp": "2026-06-23T19:11:13.178159Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/18c2e061-a8bb-4b62-9bd4-8eac927684dc/export</guid>
      <pubDate>Tue, 23 Jun 2026 19:11:13 +0000</pubDate>
    </item>
    <item>
      <title>763179c3-4ff4-4217-8118-af50c0c8823c</title>
      <link>https://vulnerability.circl.lu/sighting/763179c3-4ff4-4217-8118-af50c0c8823c/export</link>
      <description>{"uuid": "763179c3-4ff4-4217-8118-af50c0c8823c", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39813", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/5c9f9de2-5560-4056-9ed6-937928435f16", "content": "", "creation_timestamp": "2026-06-23T14:02:57.186992Z"}</description>
      <content:encoded>{"uuid": "763179c3-4ff4-4217-8118-af50c0c8823c", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39813", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/5c9f9de2-5560-4056-9ed6-937928435f16", "content": "", "creation_timestamp": "2026-06-23T14:02:57.186992Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/763179c3-4ff4-4217-8118-af50c0c8823c/export</guid>
      <pubDate>Tue, 23 Jun 2026 14:02:57 +0000</pubDate>
    </item>
    <item>
      <title>46f20f95-755f-4bd9-98bd-4c9ec910523e</title>
      <link>https://vulnerability.circl.lu/sighting/46f20f95-755f-4bd9-98bd-4c9ec910523e/export</link>
      <description>{"uuid": "46f20f95-755f-4bd9-98bd-4c9ec910523e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39813", "type": "seen", "source": "https://bsky.app/profile/insomnisec.bsky.social/post/3movslpmknz27", "content": "\ud83d\udce1 Fortinet FortiSandbox: Three Critical Vulnerabilities Under Active Attack (CVE-2026-39808, CVE-2026-39813, CVE-2026-25089)", "creation_timestamp": "2026-06-22T21:15:13.766298Z"}</description>
      <content:encoded>{"uuid": "46f20f95-755f-4bd9-98bd-4c9ec910523e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39813", "type": "seen", "source": "https://bsky.app/profile/insomnisec.bsky.social/post/3movslpmknz27", "content": "\ud83d\udce1 Fortinet FortiSandbox: Three Critical Vulnerabilities Under Active Attack (CVE-2026-39808, CVE-2026-39813, CVE-2026-25089)", "creation_timestamp": "2026-06-22T21:15:13.766298Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/46f20f95-755f-4bd9-98bd-4c9ec910523e/export</guid>
      <pubDate>Mon, 22 Jun 2026 21:15:13 +0000</pubDate>
    </item>
    <item>
      <title>5dd3aec4-213e-4fac-892b-bb87bd00054c</title>
      <link>https://vulnerability.circl.lu/sighting/5dd3aec4-213e-4fac-892b-bb87bd00054c/export</link>
      <description>{"uuid": "5dd3aec4-213e-4fac-892b-bb87bd00054c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39813", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3movomuqbyi2d", "content": "~Checkpoint~\nWeekly threat intel highlights FortiSandbox &amp;amp; Splunk zero-days, AI agent exploits, and major breaches at Texas Parks &amp;amp; Klue.\n-\nIOCs: CVE-2026-39813, CVE-2026-50656, CVE-2026-20253\n-\n#DataBreach #ThreatIntel #Vulnerabilities", "creation_timestamp": "2026-06-22T20:04:17.765442Z"}</description>
      <content:encoded>{"uuid": "5dd3aec4-213e-4fac-892b-bb87bd00054c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39813", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3movomuqbyi2d", "content": "~Checkpoint~\nWeekly threat intel highlights FortiSandbox &amp;amp; Splunk zero-days, AI agent exploits, and major breaches at Texas Parks &amp;amp; Klue.\n-\nIOCs: CVE-2026-39813, CVE-2026-50656, CVE-2026-20253\n-\n#DataBreach #ThreatIntel #Vulnerabilities", "creation_timestamp": "2026-06-22T20:04:17.765442Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/5dd3aec4-213e-4fac-892b-bb87bd00054c/export</guid>
      <pubDate>Mon, 22 Jun 2026 20:04:17 +0000</pubDate>
    </item>
    <item>
      <title>af725c7f-579d-41eb-af3e-b14bf1991b6e</title>
      <link>https://vulnerability.circl.lu/sighting/af725c7f-579d-41eb-af3e-b14bf1991b6e/export</link>
      <description>{"uuid": "af725c7f-579d-41eb-af3e-b14bf1991b6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39813", "type": "seen", "source": "https://bsky.app/profile/trinacriatech.bsky.social/post/3mov6psbc7s26", "content": "FortiSandbox 3 CVE in exploitation ITW: CVE-2026-39813 (CVSS 9.8, auth bypass JRPC API) + CVE-2026-39808 (OS cmd injection, PoC pubblico aprile). FortiSandbox = verdict-engine di FortiGate/FortiMail/FortiWeb. Fix: 5.0.6/4.4.9 #Fortinet", "creation_timestamp": "2026-06-22T15:19:35.858005Z"}</description>
      <content:encoded>{"uuid": "af725c7f-579d-41eb-af3e-b14bf1991b6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39813", "type": "seen", "source": "https://bsky.app/profile/trinacriatech.bsky.social/post/3mov6psbc7s26", "content": "FortiSandbox 3 CVE in exploitation ITW: CVE-2026-39813 (CVSS 9.8, auth bypass JRPC API) + CVE-2026-39808 (OS cmd injection, PoC pubblico aprile). FortiSandbox = verdict-engine di FortiGate/FortiMail/FortiWeb. Fix: 5.0.6/4.4.9 #Fortinet", "creation_timestamp": "2026-06-22T15:19:35.858005Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/af725c7f-579d-41eb-af3e-b14bf1991b6e/export</guid>
      <pubDate>Mon, 22 Jun 2026 15:19:35 +0000</pubDate>
    </item>
    <item>
      <title>c7ba5925-4141-4910-8787-141aa7948ddf</title>
      <link>https://vulnerability.circl.lu/sighting/c7ba5925-4141-4910-8787-141aa7948ddf/export</link>
      <description>{"uuid": "c7ba5925-4141-4910-8787-141aa7948ddf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39813", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3moutld5gaj27", "content": "\ud83d\udd0d Top signals this week:\n\nCVEs: CVE-2026-20262, CVE-2026-35273, CVE-2026-39813, CVE-2026-48558, CVE-2026-50656\nActors: Ransomware, Apt, Play\n\nFull intel: https://matlock.ca/cybersecnews", "creation_timestamp": "2026-06-22T12:00:28.111725Z"}</description>
      <content:encoded>{"uuid": "c7ba5925-4141-4910-8787-141aa7948ddf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39813", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3moutld5gaj27", "content": "\ud83d\udd0d Top signals this week:\n\nCVEs: CVE-2026-20262, CVE-2026-35273, CVE-2026-39813, CVE-2026-48558, CVE-2026-50656\nActors: Ransomware, Apt, Play\n\nFull intel: https://matlock.ca/cybersecnews", "creation_timestamp": "2026-06-22T12:00:28.111725Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c7ba5925-4141-4910-8787-141aa7948ddf/export</guid>
      <pubDate>Mon, 22 Jun 2026 12:00:28 +0000</pubDate>
    </item>
    <item>
      <title>7941c546-51f3-4396-90a7-b5651dd3390f</title>
      <link>https://vulnerability.circl.lu/sighting/7941c546-51f3-4396-90a7-b5651dd3390f/export</link>
      <description>{"uuid": "7941c546-51f3-4396-90a7-b5651dd3390f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2026-39813", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/fee93255-19dd-4e3c-b8ea-5c30109a62bf", "content": "", "creation_timestamp": "2026-06-22T10:49:37.461078Z"}</description>
      <content:encoded>{"uuid": "7941c546-51f3-4396-90a7-b5651dd3390f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2026-39813", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/fee93255-19dd-4e3c-b8ea-5c30109a62bf", "content": "", "creation_timestamp": "2026-06-22T10:49:37.461078Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/7941c546-51f3-4396-90a7-b5651dd3390f/export</guid>
      <pubDate>Mon, 22 Jun 2026 10:49:37 +0000</pubDate>
    </item>
  </channel>
</rss>
