<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Thu, 09 Jul 2026 03:03:49 +0000</lastBuildDate>
    <item>
      <title>c6bafa97-033b-468a-a3fa-0d822a286eb6</title>
      <link>https://vulnerability.circl.lu/sighting/c6bafa97-033b-468a-a3fa-0d822a286eb6/export</link>
      <description>{"uuid": "c6bafa97-033b-468a-a3fa-0d822a286eb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-54527", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mq6ndtyssy2f", "content": "jupyterlab-git &amp;lt;0.54.0 is vulnerable to CRITICAL XSS (CVE-2026-54527). Malicious filenames can run code in users\u2019 browsers. Upgrade to 0.54.0+ now! \ud83d\udd12 https://radar.offseq.com/threat/cve-2026-54527-cwe-79-improper-neutralization-of-i-859af0d357310c79 #OffSeq #security #jupyterlab", "creation_timestamp": "2026-07-09T03:00:31.123766Z"}</description>
      <content:encoded>{"uuid": "c6bafa97-033b-468a-a3fa-0d822a286eb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-54527", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mq6ndtyssy2f", "content": "jupyterlab-git &amp;lt;0.54.0 is vulnerable to CRITICAL XSS (CVE-2026-54527). Malicious filenames can run code in users\u2019 browsers. Upgrade to 0.54.0+ now! \ud83d\udd12 https://radar.offseq.com/threat/cve-2026-54527-cwe-79-improper-neutralization-of-i-859af0d357310c79 #OffSeq #security #jupyterlab", "creation_timestamp": "2026-07-09T03:00:31.123766Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c6bafa97-033b-468a-a3fa-0d822a286eb6/export</guid>
      <pubDate>Thu, 09 Jul 2026 03:00:31 +0000</pubDate>
    </item>
    <item>
      <title>4d4e0cce-0bee-4189-b8f1-a5cc594250e4</title>
      <link>https://vulnerability.circl.lu/sighting/4d4e0cce-0bee-4189-b8f1-a5cc594250e4/export</link>
      <description>{"uuid": "4d4e0cce-0bee-4189-b8f1-a5cc594250e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-54527", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116887783224020082", "content": "CVE-2026-54527: CRITICAL XSS in jupyterlab-git (&amp;lt;0.54.0). Malicious Git filenames can execute JavaScript when viewed in the Git History tab \u2014 risking session hijack &amp;amp; data theft. Upgrade to 0.54.0+ ASAP. https://radar.offseq.com/threat/cve-2026-54527-cwe-79-improper-neutralization-of-i-859af0d357310c79 #OffSeq #XSS #jupyterlab #security", "creation_timestamp": "2026-07-09T03:00:29.149648Z"}</description>
      <content:encoded>{"uuid": "4d4e0cce-0bee-4189-b8f1-a5cc594250e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-54527", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116887783224020082", "content": "CVE-2026-54527: CRITICAL XSS in jupyterlab-git (&amp;lt;0.54.0). Malicious Git filenames can execute JavaScript when viewed in the Git History tab \u2014 risking session hijack &amp;amp; data theft. Upgrade to 0.54.0+ ASAP. https://radar.offseq.com/threat/cve-2026-54527-cwe-79-improper-neutralization-of-i-859af0d357310c79 #OffSeq #XSS #jupyterlab #security", "creation_timestamp": "2026-07-09T03:00:29.149648Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/4d4e0cce-0bee-4189-b8f1-a5cc594250e4/export</guid>
      <pubDate>Thu, 09 Jul 2026 03:00:29 +0000</pubDate>
    </item>
    <item>
      <title>05544ba6-0d5b-41e9-8b27-2b32c0500380</title>
      <link>https://vulnerability.circl.lu/sighting/05544ba6-0d5b-41e9-8b27-2b32c0500380/export</link>
      <description>{"uuid": "05544ba6-0d5b-41e9-8b27-2b32c0500380", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54527", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq64oaqtfb24", "content": "CVE-2026-54527 - jupyterlab-git\nThe JupyterLab Git extension allows attackers to create malicious file names that can execute code when viewed by others. This can lead to unauthorized access to\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#jupyterlabgit #jupyterlab #pip #CVE #infosec", "creation_timestamp": "2026-07-08T22:02:05.569243Z"}</description>
      <content:encoded>{"uuid": "05544ba6-0d5b-41e9-8b27-2b32c0500380", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54527", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq64oaqtfb24", "content": "CVE-2026-54527 - jupyterlab-git\nThe JupyterLab Git extension allows attackers to create malicious file names that can execute code when viewed by others. This can lead to unauthorized access to\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#jupyterlabgit #jupyterlab #pip #CVE #infosec", "creation_timestamp": "2026-07-08T22:02:05.569243Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/05544ba6-0d5b-41e9-8b27-2b32c0500380/export</guid>
      <pubDate>Wed, 08 Jul 2026 22:02:05 +0000</pubDate>
    </item>
    <item>
      <title>1ed82d99-4939-479c-ab10-74557af23a73</title>
      <link>https://vulnerability.circl.lu/sighting/1ed82d99-4939-479c-ab10-74557af23a73/export</link>
      <description>{"uuid": "1ed82d99-4939-479c-ab10-74557af23a73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54527", "type": "published-proof-of-concept", "source": "https://github.com/jupyterlab/jupyterlab-git/security/advisories/GHSA-f962-v9hr-pfg5", "content": "", "creation_timestamp": "2026-06-18T07:12:58.000000Z"}</description>
      <content:encoded>{"uuid": "1ed82d99-4939-479c-ab10-74557af23a73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54527", "type": "published-proof-of-concept", "source": "https://github.com/jupyterlab/jupyterlab-git/security/advisories/GHSA-f962-v9hr-pfg5", "content": "", "creation_timestamp": "2026-06-18T07:12:58.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1ed82d99-4939-479c-ab10-74557af23a73/export</guid>
      <pubDate>Thu, 18 Jun 2026 07:12:58 +0000</pubDate>
    </item>
  </channel>
</rss>
