<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Fri, 03 Jul 2026 05:59:03 +0000</lastBuildDate>
    <item>
      <title>c974d78c-b5c2-4d72-bf50-020c10a27760</title>
      <link>https://vulnerability.circl.lu/sighting/c974d78c-b5c2-4d72-bf50-020c10a27760/export</link>
      <description>{"uuid": "c974d78c-b5c2-4d72-bf50-020c10a27760", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/roguelogics.bsky.social/post/3mplhihbycq2r", "content": "\ud83d\udea8 Patch Alert: CVE-2026-54352 is a high-severity vulnerability affecting widely-used software. This flaw can allow unauthorized remote code execution, putting sensitive data at risk. Our team urges you to patch this vulnerability immediately to mitigate potential threats. Staying ahead of threats\u2026", "creation_timestamp": "2026-07-01T11:55:08.001881Z"}</description>
      <content:encoded>{"uuid": "c974d78c-b5c2-4d72-bf50-020c10a27760", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/roguelogics.bsky.social/post/3mplhihbycq2r", "content": "\ud83d\udea8 Patch Alert: CVE-2026-54352 is a high-severity vulnerability affecting widely-used software. This flaw can allow unauthorized remote code execution, putting sensitive data at risk. Our team urges you to patch this vulnerability immediately to mitigate potential threats. Staying ahead of threats\u2026", "creation_timestamp": "2026-07-01T11:55:08.001881Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c974d78c-b5c2-4d72-bf50-020c10a27760/export</guid>
      <pubDate>Wed, 01 Jul 2026 11:55:08 +0000</pubDate>
    </item>
    <item>
      <title>9c5e4e6d-5a26-4abf-b92c-08851a6412b6</title>
      <link>https://vulnerability.circl.lu/sighting/9c5e4e6d-5a26-4abf-b92c-08851a6412b6/export</link>
      <description>{"uuid": "9c5e4e6d-5a26-4abf-b92c-08851a6412b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpkqov5yzy2e", "content": "\ud83d\udccc CVE-2026-54352 - Budibase is an open-source low-code platform. Prior to 3.39.9, `POST /api/pwa/process-zip` at packages/server/src/api/routes/static.ts:24 accepts a bu... https://www.cyberhub.blog/cves/CVE-2026-54352", "creation_timestamp": "2026-07-01T05:07:07.931884Z"}</description>
      <content:encoded>{"uuid": "9c5e4e6d-5a26-4abf-b92c-08851a6412b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpkqov5yzy2e", "content": "\ud83d\udccc CVE-2026-54352 - Budibase is an open-source low-code platform. Prior to 3.39.9, `POST /api/pwa/process-zip` at packages/server/src/api/routes/static.ts:24 accepts a bu... https://www.cyberhub.blog/cves/CVE-2026-54352", "creation_timestamp": "2026-07-01T05:07:07.931884Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/9c5e4e6d-5a26-4abf-b92c-08851a6412b6/export</guid>
      <pubDate>Wed, 01 Jul 2026 05:07:07 +0000</pubDate>
    </item>
    <item>
      <title>1764ae23-1174-47e8-a669-72f6ff7c4b89</title>
      <link>https://vulnerability.circl.lu/sighting/1764ae23-1174-47e8-a669-72f6ff7c4b89/export</link>
      <description>{"uuid": "1764ae23-1174-47e8-a669-72f6ff7c4b89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mph77k3sah23", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-54352 \u0432 Budibase: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/A0DB0CCD-330D-495C-8969-C700C2628D60", "creation_timestamp": "2026-06-29T19:16:19.132727Z"}</description>
      <content:encoded>{"uuid": "1764ae23-1174-47e8-a669-72f6ff7c4b89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mph77k3sah23", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-54352 \u0432 Budibase: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/A0DB0CCD-330D-495C-8969-C700C2628D60", "creation_timestamp": "2026-06-29T19:16:19.132727Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1764ae23-1174-47e8-a669-72f6ff7c4b89/export</guid>
      <pubDate>Mon, 29 Jun 2026 19:16:19 +0000</pubDate>
    </item>
    <item>
      <title>66d8cbca-5614-4df0-af1c-3b5e9cc6e10c</title>
      <link>https://vulnerability.circl.lu/sighting/66d8cbca-5614-4df0-af1c-3b5e9cc6e10c/export</link>
      <description>{"uuid": "66d8cbca-5614-4df0-af1c-3b5e9cc6e10c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mpdt2kkhgd2y", "content": "\ud83d\udd34 CVE-2026-54352 - Critical (9.6)\n\nBudibase is an open-source low-code platform. Prior to 3.39.9, `POST /api/pwa/process-zip` at pac...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-54352/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-28T11:00:49.141725Z"}</description>
      <content:encoded>{"uuid": "66d8cbca-5614-4df0-af1c-3b5e9cc6e10c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mpdt2kkhgd2y", "content": "\ud83d\udd34 CVE-2026-54352 - Critical (9.6)\n\nBudibase is an open-source low-code platform. Prior to 3.39.9, `POST /api/pwa/process-zip` at pac...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-54352/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-28T11:00:49.141725Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/66d8cbca-5614-4df0-af1c-3b5e9cc6e10c/export</guid>
      <pubDate>Sun, 28 Jun 2026 11:00:49 +0000</pubDate>
    </item>
    <item>
      <title>df80e4f3-045c-43ac-ab01-6d4db2f9b0e6</title>
      <link>https://vulnerability.circl.lu/sighting/df80e4f3-045c-43ac-ab01-6d4db2f9b0e6/export</link>
      <description>{"uuid": "df80e4f3-045c-43ac-ab01-6d4db2f9b0e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mpdmouqwyg2u", "content": "CVE-2026-54352 - Critical Path Traversal in Budibase. Symlink extraction allows reading arbitrary files. CVSS 9.6. Unpatched - limit builder access immediately. #CVE #Budibase #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-54352/", "creation_timestamp": "2026-06-28T09:06:53.641937Z"}</description>
      <content:encoded>{"uuid": "df80e4f3-045c-43ac-ab01-6d4db2f9b0e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mpdmouqwyg2u", "content": "CVE-2026-54352 - Critical Path Traversal in Budibase. Symlink extraction allows reading arbitrary files. CVSS 9.6. Unpatched - limit builder access immediately. #CVE #Budibase #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-54352/", "creation_timestamp": "2026-06-28T09:06:53.641937Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/df80e4f3-045c-43ac-ab01-6d4db2f9b0e6/export</guid>
      <pubDate>Sun, 28 Jun 2026 09:06:53 +0000</pubDate>
    </item>
    <item>
      <title>4864f77a-fde9-433f-8769-d9dd7b307a50</title>
      <link>https://vulnerability.circl.lu/sighting/4864f77a-fde9-433f-8769-d9dd7b307a50/export</link>
      <description>{"uuid": "4864f77a-fde9-433f-8769-d9dd7b307a50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7y5eswhr2c", "content": "CVE-2026-54352 - Budibase: Arbitrary file read by workspace-builder via PWA-zip symlink upload\nCVE ID : CVE-2026-54352\n \n Published : June 26, 2026, 8:32 p.m. | 1\u00a0hour, 12\u00a0minutes ago\n \n Description : Budibase is an open-source low-code platform. Prior to 3.39.9, `POST /api/pw...", "creation_timestamp": "2026-06-26T22:21:12.234822Z"}</description>
      <content:encoded>{"uuid": "4864f77a-fde9-433f-8769-d9dd7b307a50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7y5eswhr2c", "content": "CVE-2026-54352 - Budibase: Arbitrary file read by workspace-builder via PWA-zip symlink upload\nCVE ID : CVE-2026-54352\n \n Published : June 26, 2026, 8:32 p.m. | 1\u00a0hour, 12\u00a0minutes ago\n \n Description : Budibase is an open-source low-code platform. Prior to 3.39.9, `POST /api/pw...", "creation_timestamp": "2026-06-26T22:21:12.234822Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/4864f77a-fde9-433f-8769-d9dd7b307a50/export</guid>
      <pubDate>Fri, 26 Jun 2026 22:21:12 +0000</pubDate>
    </item>
    <item>
      <title>483fba80-eac1-4586-b63d-d07276e8df52</title>
      <link>https://vulnerability.circl.lu/sighting/483fba80-eac1-4586-b63d-d07276e8df52/export</link>
      <description>{"uuid": "483fba80-eac1-4586-b63d-d07276e8df52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mow4im4pyb2r", "content": "A single Budibase app builder can read every secret on your server.\n\nA rigged app-icon upload exposes the master keys, forges an admin token, and reaches every workspace.\n\nSelf-hosted? Update to 3.39.9 and rotate secrets. (CVE-2026-54352)", "creation_timestamp": "2026-06-23T00:12:27.775773Z"}</description>
      <content:encoded>{"uuid": "483fba80-eac1-4586-b63d-d07276e8df52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mow4im4pyb2r", "content": "A single Budibase app builder can read every secret on your server.\n\nA rigged app-icon upload exposes the master keys, forges an admin token, and reaches every workspace.\n\nSelf-hosted? Update to 3.39.9 and rotate secrets. (CVE-2026-54352)", "creation_timestamp": "2026-06-23T00:12:27.775773Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/483fba80-eac1-4586-b63d-d07276e8df52/export</guid>
      <pubDate>Tue, 23 Jun 2026 00:12:27 +0000</pubDate>
    </item>
  </channel>
</rss>
