<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sat, 04 Jul 2026 03:24:16 +0000</lastBuildDate>
    <item>
      <title>b04d4063-c757-4a47-a6ec-12d91c188ac4</title>
      <link>https://vulnerability.circl.lu/sighting/b04d4063-c757-4a47-a6ec-12d91c188ac4/export</link>
      <description>{"uuid": "b04d4063-c757-4a47-a6ec-12d91c188ac4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45060", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mo2qe7oetf2r", "content": "ClipBucket v5.5.3\u672a\u6e80\u3067\u306f\u3001\u8a8d\u8a3c\u3055\u308c\u3066\u3044\u306a\u3044\u30e6\u30fc\u30b6\u30fc\u304cprogress_video.php\u306eids\u30d1\u30e9\u30e1\u30fc\u30bf\u3067SQL\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u3092\u60aa\u7528\u3057\u3001\u6a5f\u5bc6\u30c7\u30fc\u30bf\u3092\u7a83\u53d6\u3059\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002\nCVE-2026-45060 CVSS 9.8 | CRITICAL", "creation_timestamp": "2026-06-12T02:53:21.660294Z"}</description>
      <content:encoded>{"uuid": "b04d4063-c757-4a47-a6ec-12d91c188ac4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45060", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mo2qe7oetf2r", "content": "ClipBucket v5.5.3\u672a\u6e80\u3067\u306f\u3001\u8a8d\u8a3c\u3055\u308c\u3066\u3044\u306a\u3044\u30e6\u30fc\u30b6\u30fc\u304cprogress_video.php\u306eids\u30d1\u30e9\u30e1\u30fc\u30bf\u3067SQL\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u3092\u60aa\u7528\u3057\u3001\u6a5f\u5bc6\u30c7\u30fc\u30bf\u3092\u7a83\u53d6\u3059\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002\nCVE-2026-45060 CVSS 9.8 | CRITICAL", "creation_timestamp": "2026-06-12T02:53:21.660294Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b04d4063-c757-4a47-a6ec-12d91c188ac4/export</guid>
      <pubDate>Fri, 12 Jun 2026 02:53:21 +0000</pubDate>
    </item>
    <item>
      <title>c29e94cf-9d9f-44d0-8d6a-36ded3caba08</title>
      <link>https://vulnerability.circl.lu/sighting/c29e94cf-9d9f-44d0-8d6a-36ded3caba08/export</link>
      <description>{"uuid": "c29e94cf-9d9f-44d0-8d6a-36ded3caba08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45060", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mo2nr25qwa2r", "content": "CVE-2026-45060 - Critical unauthenticated blind SQLi in ClipBucket v5. CVSS 9.8. Attackers can exfiltrate sensitive data via the ids parameter. Update to 5.5.3 - #129 immediately. #CVE #infosec #ClipBucket\n\nhttps://www.valtersit.com/cve/CVE-2026-45060/", "creation_timestamp": "2026-06-12T02:06:50.792025Z"}</description>
      <content:encoded>{"uuid": "c29e94cf-9d9f-44d0-8d6a-36ded3caba08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45060", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mo2nr25qwa2r", "content": "CVE-2026-45060 - Critical unauthenticated blind SQLi in ClipBucket v5. CVSS 9.8. Attackers can exfiltrate sensitive data via the ids parameter. Update to 5.5.3 - #129 immediately. #CVE #infosec #ClipBucket\n\nhttps://www.valtersit.com/cve/CVE-2026-45060/", "creation_timestamp": "2026-06-12T02:06:50.792025Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c29e94cf-9d9f-44d0-8d6a-36ded3caba08/export</guid>
      <pubDate>Fri, 12 Jun 2026 02:06:50 +0000</pubDate>
    </item>
    <item>
      <title>54d6e7cd-6fdc-4eb2-8ed0-21c2c84c23fe</title>
      <link>https://vulnerability.circl.lu/sighting/54d6e7cd-6fdc-4eb2-8ed0-21c2c84c23fe/export</link>
      <description>{"uuid": "54d6e7cd-6fdc-4eb2-8ed0-21c2c84c23fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-45060", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mo2lpwxev72r", "content": "\ud83d\udea8 CRITICAL vuln: ClipBucket v5 (&amp;lt;5.5.3) blind SQL injection in progress_video.php \u2014 unauthenticated attackers can steal data. Patch to v5.5.3 now! https://radar.offseq.com/threat/cve-2026-45060-cwe-89-improper-neutralization-of-s-b8ad08b0 #OffSeq #SQLInjection #Vulnerability", "creation_timestamp": "2026-06-12T01:30:26.901165Z"}</description>
      <content:encoded>{"uuid": "54d6e7cd-6fdc-4eb2-8ed0-21c2c84c23fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-45060", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mo2lpwxev72r", "content": "\ud83d\udea8 CRITICAL vuln: ClipBucket v5 (&amp;lt;5.5.3) blind SQL injection in progress_video.php \u2014 unauthenticated attackers can steal data. Patch to v5.5.3 now! https://radar.offseq.com/threat/cve-2026-45060-cwe-89-improper-neutralization-of-s-b8ad08b0 #OffSeq #SQLInjection #Vulnerability", "creation_timestamp": "2026-06-12T01:30:26.901165Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/54d6e7cd-6fdc-4eb2-8ed0-21c2c84c23fe/export</guid>
      <pubDate>Fri, 12 Jun 2026 01:30:26 +0000</pubDate>
    </item>
    <item>
      <title>400cab66-249a-42a6-9a59-fceda54f35e2</title>
      <link>https://vulnerability.circl.lu/sighting/400cab66-249a-42a6-9a59-fceda54f35e2/export</link>
      <description>{"uuid": "400cab66-249a-42a6-9a59-fceda54f35e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45060", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mo2gpmacuu2p", "content": "\ud83d\udd34 CVE-2026-45060 - Critical (9.8)\n\nClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #129, the action...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-45060/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-12T00:00:47.343815Z"}</description>
      <content:encoded>{"uuid": "400cab66-249a-42a6-9a59-fceda54f35e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45060", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mo2gpmacuu2p", "content": "\ud83d\udd34 CVE-2026-45060 - Critical (9.8)\n\nClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #129, the action...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-45060/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-12T00:00:47.343815Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/400cab66-249a-42a6-9a59-fceda54f35e2/export</guid>
      <pubDate>Fri, 12 Jun 2026 00:00:47 +0000</pubDate>
    </item>
    <item>
      <title>95aab1ea-ac24-43c9-9993-95ccc1ff18fc</title>
      <link>https://vulnerability.circl.lu/sighting/95aab1ea-ac24-43c9-9993-95ccc1ff18fc/export</link>
      <description>{"uuid": "95aab1ea-ac24-43c9-9993-95ccc1ff18fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45067", "type": "published-proof-of-concept", "source": "Telegram/cFkqaiLeMF7rcnyy-4alEvGOnwxzqn60V0GjpreyOt3-Yxw", "content": "", "creation_timestamp": "2026-06-09T11:00:07.000000Z"}</description>
      <content:encoded>{"uuid": "95aab1ea-ac24-43c9-9993-95ccc1ff18fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45067", "type": "published-proof-of-concept", "source": "Telegram/cFkqaiLeMF7rcnyy-4alEvGOnwxzqn60V0GjpreyOt3-Yxw", "content": "", "creation_timestamp": "2026-06-09T11:00:07.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/95aab1ea-ac24-43c9-9993-95ccc1ff18fc/export</guid>
      <pubDate>Tue, 09 Jun 2026 11:00:07 +0000</pubDate>
    </item>
    <item>
      <title>ecb667cb-5446-4607-b13f-92a17cd1fa8f</title>
      <link>https://vulnerability.circl.lu/sighting/ecb667cb-5446-4607-b13f-92a17cd1fa8f/export</link>
      <description>{"uuid": "ecb667cb-5446-4607-b13f-92a17cd1fa8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45064", "type": "seen", "source": "https://bsky.app/profile/mradcliffe.nokoto.org.ap.brid.gy/post/3mmbu4igtlyo2", "content": "Symfony 7.4.12, Symfony 8.0.12 and Twig 3.26.0 releases today with a bunch of CVEs.\n\nCVE-2026-46640 in twig and CVE-2026-45075 in Symfony router and CVE-2026-45064 in Symfony sanitizer seem particularly scary.\n\n`composer update` and test, test, test.", "creation_timestamp": "2026-05-20T11:59:01.857372Z"}</description>
      <content:encoded>{"uuid": "ecb667cb-5446-4607-b13f-92a17cd1fa8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45064", "type": "seen", "source": "https://bsky.app/profile/mradcliffe.nokoto.org.ap.brid.gy/post/3mmbu4igtlyo2", "content": "Symfony 7.4.12, Symfony 8.0.12 and Twig 3.26.0 releases today with a bunch of CVEs.\n\nCVE-2026-46640 in twig and CVE-2026-45075 in Symfony router and CVE-2026-45064 in Symfony sanitizer seem particularly scary.\n\n`composer update` and test, test, test.", "creation_timestamp": "2026-05-20T11:59:01.857372Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ecb667cb-5446-4607-b13f-92a17cd1fa8f/export</guid>
      <pubDate>Wed, 20 May 2026 11:59:01 +0000</pubDate>
    </item>
    <item>
      <title>b2d9eb06-578a-4700-b2b4-b825357aab2c</title>
      <link>https://vulnerability.circl.lu/sighting/b2d9eb06-578a-4700-b2b4-b825357aab2c/export</link>
      <description>{"uuid": "b2d9eb06-578a-4700-b2b4-b825357aab2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-45069", "type": "seen", "source": "https://bsky.app/profile/symfony.com/post/3mmbqpbof7o2y", "content": "\ud83d\udd10 CVE-2026-45069: OidcTokenHandler Accepts JWTs Missing aud/iss/exp Claims\n\u27a1\ufe0f https://symfony.com/blog/cve-2026-45069-oidctokenhandler-accepts-jwts-missing-aud-iss-exp-claims", "creation_timestamp": "2026-05-20T10:58:12.020717Z"}</description>
      <content:encoded>{"uuid": "b2d9eb06-578a-4700-b2b4-b825357aab2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-45069", "type": "seen", "source": "https://bsky.app/profile/symfony.com/post/3mmbqpbof7o2y", "content": "\ud83d\udd10 CVE-2026-45069: OidcTokenHandler Accepts JWTs Missing aud/iss/exp Claims\n\u27a1\ufe0f https://symfony.com/blog/cve-2026-45069-oidctokenhandler-accepts-jwts-missing-aud-iss-exp-claims", "creation_timestamp": "2026-05-20T10:58:12.020717Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b2d9eb06-578a-4700-b2b4-b825357aab2c/export</guid>
      <pubDate>Wed, 20 May 2026 10:58:12 +0000</pubDate>
    </item>
    <item>
      <title>1a7cf19e-2e8a-4a4d-9f50-e671921e06f1</title>
      <link>https://vulnerability.circl.lu/sighting/1a7cf19e-2e8a-4a4d-9f50-e671921e06f1/export</link>
      <description>{"uuid": "1a7cf19e-2e8a-4a4d-9f50-e671921e06f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-45066", "type": "seen", "source": "https://bsky.app/profile/symfony.com/post/3mmbqp4m3gj25", "content": "\ud83d\udd10 CVE-2026-45066: HtmlSanitizer allowLinkHosts() / allowMediaHosts() Bypass via URL-Parser Differentials and  Misclassification\n\u27a1\ufe0f https://symfony.com/blog/cve-2026-45066-htmlsanitizer-allowlinkhosts-allowmediahosts-bypass-via-url-parser-differentials-and-area-misclassification", "creation_timestamp": "2026-05-20T10:57:42.142136Z"}</description>
      <content:encoded>{"uuid": "1a7cf19e-2e8a-4a4d-9f50-e671921e06f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-45066", "type": "seen", "source": "https://bsky.app/profile/symfony.com/post/3mmbqp4m3gj25", "content": "\ud83d\udd10 CVE-2026-45066: HtmlSanitizer allowLinkHosts() / allowMediaHosts() Bypass via URL-Parser Differentials and  Misclassification\n\u27a1\ufe0f https://symfony.com/blog/cve-2026-45066-htmlsanitizer-allowlinkhosts-allowmediahosts-bypass-via-url-parser-differentials-and-area-misclassification", "creation_timestamp": "2026-05-20T10:57:42.142136Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1a7cf19e-2e8a-4a4d-9f50-e671921e06f1/export</guid>
      <pubDate>Wed, 20 May 2026 10:57:42 +0000</pubDate>
    </item>
    <item>
      <title>5e1843b2-fe7c-451f-9e43-cc2c395a02a9</title>
      <link>https://vulnerability.circl.lu/sighting/5e1843b2-fe7c-451f-9e43-cc2c395a02a9/export</link>
      <description>{"uuid": "5e1843b2-fe7c-451f-9e43-cc2c395a02a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-45067", "type": "seen", "source": "https://bsky.app/profile/symfony.com/post/3mmbqovqbog2y", "content": "\ud83d\udd10 CVE-2026-45067: Email Header / SMTP Command Injection via CRLF in Symfony\\Component\\Mime\\Address\n\u27a1\ufe0f https://symfony.com/blog/cve-2026-45067-email-header-smtp-command-injection-via-crlf-in-symfony-component-mime-address", "creation_timestamp": "2026-05-20T10:57:34.938448Z"}</description>
      <content:encoded>{"uuid": "5e1843b2-fe7c-451f-9e43-cc2c395a02a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-45067", "type": "seen", "source": "https://bsky.app/profile/symfony.com/post/3mmbqovqbog2y", "content": "\ud83d\udd10 CVE-2026-45067: Email Header / SMTP Command Injection via CRLF in Symfony\\Component\\Mime\\Address\n\u27a1\ufe0f https://symfony.com/blog/cve-2026-45067-email-header-smtp-command-injection-via-crlf-in-symfony-component-mime-address", "creation_timestamp": "2026-05-20T10:57:34.938448Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/5e1843b2-fe7c-451f-9e43-cc2c395a02a9/export</guid>
      <pubDate>Wed, 20 May 2026 10:57:34 +0000</pubDate>
    </item>
    <item>
      <title>6f232eff-e111-4c81-859d-b59d7de7cb78</title>
      <link>https://vulnerability.circl.lu/sighting/6f232eff-e111-4c81-859d-b59d7de7cb78/export</link>
      <description>{"uuid": "6f232eff-e111-4c81-859d-b59d7de7cb78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-45068", "type": "seen", "source": "https://bsky.app/profile/symfony.com/post/3mmbqoqvzdp2y", "content": "\ud83d\udd10 CVE-2026-45068: Argument Injection in SendmailTransport via Dash-Prefixed Recipient Address\n\u27a1\ufe0f https://symfony.com/blog/cve-2026-45068-argument-injection-in-sendmailtransport-via-dash-prefixed-recipient-address", "creation_timestamp": "2026-05-20T10:57:29.949199Z"}</description>
      <content:encoded>{"uuid": "6f232eff-e111-4c81-859d-b59d7de7cb78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-45068", "type": "seen", "source": "https://bsky.app/profile/symfony.com/post/3mmbqoqvzdp2y", "content": "\ud83d\udd10 CVE-2026-45068: Argument Injection in SendmailTransport via Dash-Prefixed Recipient Address\n\u27a1\ufe0f https://symfony.com/blog/cve-2026-45068-argument-injection-in-sendmailtransport-via-dash-prefixed-recipient-address", "creation_timestamp": "2026-05-20T10:57:29.949199Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/6f232eff-e111-4c81-859d-b59d7de7cb78/export</guid>
      <pubDate>Wed, 20 May 2026 10:57:29 +0000</pubDate>
    </item>
  </channel>
</rss>
