https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 29 Jun 2026 15:55:49 +0000 https://vulnerability.circl.lu/sighting/9b157fd2-5e23-4e5d-be26-62eebba12e13/export {"uuid": "9b157fd2-5e23-4e5d-be26-62eebba12e13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56070", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7ikigsze2x", "content": "CVE-2026-56070 - WordPress Advance Product Search plugin\nCVE ID : CVE-2026-56070\n \n Published : June 26, 2026, 2:52 p.m. | 57\u00a0minutes ago\n \n Description : Unauthenticated SQL Injection in Advance Product Search <= 1.4.4 versions.\n \n Severity: 9.3 | CRITICAL\n \n Visit the lin...", "creation_timestamp": "2026-06-26T17:42:12.397585Z"} {"uuid": "9b157fd2-5e23-4e5d-be26-62eebba12e13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56070", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7ikigsze2x", "content": "CVE-2026-56070 - WordPress Advance Product Search plugin\nCVE ID : CVE-2026-56070\n \n Published : June 26, 2026, 2:52 p.m. | 57\u00a0minutes ago\n \n Description : Unauthenticated SQL Injection in Advance Product Search <= 1.4.4 versions.\n \n Severity: 9.3 | CRITICAL\n \n Visit the lin...", "creation_timestamp": "2026-06-26T17:42:12.397585Z"} https://vulnerability.circl.lu/sighting/9b157fd2-5e23-4e5d-be26-62eebba12e13/export Fri, 26 Jun 2026 17:42:12 +0000 https://vulnerability.circl.lu/sighting/72323327-b4a6-40b3-8535-ac2e173677f8/export {"uuid": "72323327-b4a6-40b3-8535-ac2e173677f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56073", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motn57zsyx2v", "content": "\ud83d\udea8 ALERT: CVE-2026-56073\n\nCVSS 9.4/10\n\n\ud83d\udccb WHAT IT IS:\nCap-go before 12.128.2 contains an authentication bypass vulnerability in OTP verification that allows attackers to bypass email verification by modifying server responses. Attackers can intercept OTP verification requests and manipulate HTTP resp", "creation_timestamp": "2026-06-22T00:32:19.300425Z"} {"uuid": "72323327-b4a6-40b3-8535-ac2e173677f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56073", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motn57zsyx2v", "content": "\ud83d\udea8 ALERT: CVE-2026-56073\n\nCVSS 9.4/10\n\n\ud83d\udccb WHAT IT IS:\nCap-go before 12.128.2 contains an authentication bypass vulnerability in OTP verification that allows attackers to bypass email verification by modifying server responses. Attackers can intercept OTP verification requests and manipulate HTTP resp", "creation_timestamp": "2026-06-22T00:32:19.300425Z"} https://vulnerability.circl.lu/sighting/72323327-b4a6-40b3-8535-ac2e173677f8/export Mon, 22 Jun 2026 00:32:19 +0000 https://vulnerability.circl.lu/sighting/50e46777-b304-4f79-9e9b-3641a6407f28/export {"uuid": "50e46777-b304-4f79-9e9b-3641a6407f28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56073", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mopbujmpzo2r", "content": "Cap-go 12.128.2\u672a\u6e80\u306eOTP\u8a8d\u8a3c\u306b\u8106\u5f31\u6027\u3002\u653b\u6483\u8005\u306f\u30e1\u30fc\u30eb\u691c\u8a3c\u3092\u8fc2\u56de\u3057\u30012FA\u4e0d\u6b63\u6709\u52b9\u5316\u3084\u30a2\u30ab\u30a6\u30f3\u30c8\u4e57\u3063\u53d6\u308a\u304c\u53ef\u80fd\u3002\nCVE-2026-56073 CVSS 9.4 | CRITICAL", "creation_timestamp": "2026-06-20T06:59:57.193692Z"} {"uuid": "50e46777-b304-4f79-9e9b-3641a6407f28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56073", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mopbujmpzo2r", "content": "Cap-go 12.128.2\u672a\u6e80\u306eOTP\u8a8d\u8a3c\u306b\u8106\u5f31\u6027\u3002\u653b\u6483\u8005\u306f\u30e1\u30fc\u30eb\u691c\u8a3c\u3092\u8fc2\u56de\u3057\u30012FA\u4e0d\u6b63\u6709\u52b9\u5316\u3084\u30a2\u30ab\u30a6\u30f3\u30c8\u4e57\u3063\u53d6\u308a\u304c\u53ef\u80fd\u3002\nCVE-2026-56073 CVSS 9.4 | CRITICAL", "creation_timestamp": "2026-06-20T06:59:57.193692Z"} https://vulnerability.circl.lu/sighting/50e46777-b304-4f79-9e9b-3641a6407f28/export Sat, 20 Jun 2026 06:59:57 +0000 https://vulnerability.circl.lu/sighting/4c59b0fb-700f-4a87-a253-6d7153d54cba/export {"uuid": "4c59b0fb-700f-4a87-a253-6d7153d54cba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56073", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mop3ix2tpp2z", "content": "Daily IT Security Digest \u2014 2026-06-20\nCVE-2026-56073 (CRITICAL) allows OTP bypass through insufficient data authenticity checks, enabling attackers to activate two-factor authentication and take over accounts. EUVD-2026-38100 (8.7) and EUVD-2026-38099 (6.9) involve information disclosure via", "creation_timestamp": "2026-06-20T05:06:06.409474Z"} {"uuid": "4c59b0fb-700f-4a87-a253-6d7153d54cba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56073", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mop3ix2tpp2z", "content": "Daily IT Security Digest \u2014 2026-06-20\nCVE-2026-56073 (CRITICAL) allows OTP bypass through insufficient data authenticity checks, enabling attackers to activate two-factor authentication and take over accounts. EUVD-2026-38100 (8.7) and EUVD-2026-38099 (6.9) involve information disclosure via", "creation_timestamp": "2026-06-20T05:06:06.409474Z"} https://vulnerability.circl.lu/sighting/4c59b0fb-700f-4a87-a253-6d7153d54cba/export Sat, 20 Jun 2026 05:06:06 +0000 https://vulnerability.circl.lu/sighting/bdb6f574-09db-4040-be0d-8efc1512d522/export {"uuid": "bdb6f574-09db-4040-be0d-8efc1512d522", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56073", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3moouic4kvn2u", "content": "Cap-go capgo (<12.128.2) hit by CRITICAL CVE-2026-56073: OTP auth bypass lets attackers enable 2FA & take over accounts. No patch \u2014 monitor vendor channels for updates. https://radar.offseq.com/threat/cve-2026-56073-insufficient-verification-of-data-a-d7403d6896f5b084 #OffSeq #CVE #Security", "creation_timestamp": "2026-06-20T03:00:28.714462Z"} {"uuid": "bdb6f574-09db-4040-be0d-8efc1512d522", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56073", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3moouic4kvn2u", "content": "Cap-go capgo (<12.128.2) hit by CRITICAL CVE-2026-56073: OTP auth bypass lets attackers enable 2FA & take over accounts. No patch \u2014 monitor vendor channels for updates. https://radar.offseq.com/threat/cve-2026-56073-insufficient-verification-of-data-a-d7403d6896f5b084 #OffSeq #CVE #Security", "creation_timestamp": "2026-06-20T03:00:28.714462Z"} https://vulnerability.circl.lu/sighting/bdb6f574-09db-4040-be0d-8efc1512d522/export Sat, 20 Jun 2026 03:00:28 +0000 https://vulnerability.circl.lu/sighting/c2c38aa7-3412-46e3-9849-74827f058f5a/export {"uuid": "c2c38aa7-3412-46e3-9849-74827f058f5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56073", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116780199172553168", "content": "CVE-2026-56073 (CRITICAL) affects Cap-go capgo <12.128.2: Insufficient data authenticity checks allow OTP bypass, enabling attackers to activate 2FA & take over accounts. No patch yet \u2014 monitor vendor updates. https://radar.offseq.com/threat/cve-2026-56073-insufficient-verification-of-data-a-d7403d6896f5b084 #OffSeq #CVE #Infosec #AppSec", "creation_timestamp": "2026-06-20T03:00:27.713564Z"} {"uuid": "c2c38aa7-3412-46e3-9849-74827f058f5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56073", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116780199172553168", "content": "CVE-2026-56073 (CRITICAL) affects Cap-go capgo <12.128.2: Insufficient data authenticity checks allow OTP bypass, enabling attackers to activate 2FA & take over accounts. No patch yet \u2014 monitor vendor updates. https://radar.offseq.com/threat/cve-2026-56073-insufficient-verification-of-data-a-d7403d6896f5b084 #OffSeq #CVE #Infosec #AppSec", "creation_timestamp": "2026-06-20T03:00:27.713564Z"} https://vulnerability.circl.lu/sighting/c2c38aa7-3412-46e3-9849-74827f058f5a/export Sat, 20 Jun 2026 03:00:27 +0000 https://vulnerability.circl.lu/sighting/64e3fa8f-31ef-4b71-8bf6-325c4f08b3df/export {"uuid": "64e3fa8f-31ef-4b71-8bf6-325c4f08b3df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56073", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moohtqinc627", "content": "CVE-2026-56073 - Cap-go - OTP Bypass via Response Manipulation in Email Verification\nCVE ID : CVE-2026-56073\n \n Published : June 19, 2026, 9:39 p.m. | 1\u00a0hour, 30\u00a0minutes ago\n \n Description : Cap-go before 12.128.2 contains an authentication bypass vulnerability in OTP verifica...", "creation_timestamp": "2026-06-19T23:14:13.486897Z"} {"uuid": "64e3fa8f-31ef-4b71-8bf6-325c4f08b3df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56073", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moohtqinc627", "content": "CVE-2026-56073 - Cap-go - OTP Bypass via Response Manipulation in Email Verification\nCVE ID : CVE-2026-56073\n \n Published : June 19, 2026, 9:39 p.m. | 1\u00a0hour, 30\u00a0minutes ago\n \n Description : Cap-go before 12.128.2 contains an authentication bypass vulnerability in OTP verifica...", "creation_timestamp": "2026-06-19T23:14:13.486897Z"} https://vulnerability.circl.lu/sighting/64e3fa8f-31ef-4b71-8bf6-325c4f08b3df/export Fri, 19 Jun 2026 23:14:13 +0000 https://vulnerability.circl.lu/sighting/c29b5af4-690f-44b5-adce-bc536e316050/export {"uuid": "c29b5af4-690f-44b5-adce-bc536e316050", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56076", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mom7at33nr2r", "content": "CVE-2026-56076 - PraisonAI - Cross-Origin Agent Execution via Hardcoded Wildcard CORS and Missing Authentication on AGUI Endpoint\nCVE ID : CVE-2026-56076\n \n Published : June 18, 2026, 10:12 p.m. | 1\u00a0hour, 19\u00a0minutes ago\n \n Description : PraisonAI before 1.5.128 contains a cros...", "creation_timestamp": "2026-06-19T01:35:09.365871Z"} {"uuid": "c29b5af4-690f-44b5-adce-bc536e316050", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56076", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mom7at33nr2r", "content": "CVE-2026-56076 - PraisonAI - Cross-Origin Agent Execution via Hardcoded Wildcard CORS and Missing Authentication on AGUI Endpoint\nCVE ID : CVE-2026-56076\n \n Published : June 18, 2026, 10:12 p.m. | 1\u00a0hour, 19\u00a0minutes ago\n \n Description : PraisonAI before 1.5.128 contains a cros...", "creation_timestamp": "2026-06-19T01:35:09.365871Z"} https://vulnerability.circl.lu/sighting/c29b5af4-690f-44b5-adce-bc536e316050/export Fri, 19 Jun 2026 01:35:09 +0000 https://vulnerability.circl.lu/sighting/d11bec72-ff8a-409d-9d8a-ddde823fb9a4/export {"uuid": "d11bec72-ff8a-409d-9d8a-ddde823fb9a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56078", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mom6w2ozwi2r", "content": "CVE-2026-56078 - PraisonAI - Arbitrary File Read and Write via Path Traversal in MultiAgentMonitor\nCVE ID : CVE-2026-56078\n \n Published : June 18, 2026, 10:12 p.m. | 1\u00a0hour, 19\u00a0minutes ago\n \n Description : PraisonAI before 1.5.115 contains a path traversal vulnerability in Mul...", "creation_timestamp": "2026-06-19T01:29:08.165676Z"} {"uuid": "d11bec72-ff8a-409d-9d8a-ddde823fb9a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56078", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mom6w2ozwi2r", "content": "CVE-2026-56078 - PraisonAI - Arbitrary File Read and Write via Path Traversal in MultiAgentMonitor\nCVE ID : CVE-2026-56078\n \n Published : June 18, 2026, 10:12 p.m. | 1\u00a0hour, 19\u00a0minutes ago\n \n Description : PraisonAI before 1.5.115 contains a path traversal vulnerability in Mul...", "creation_timestamp": "2026-06-19T01:29:08.165676Z"} https://vulnerability.circl.lu/sighting/d11bec72-ff8a-409d-9d8a-ddde823fb9a4/export Fri, 19 Jun 2026 01:29:08 +0000 https://vulnerability.circl.lu/sighting/5c041e01-2c8d-4179-aaa6-eef583e6c4da/export {"uuid": "5c041e01-2c8d-4179-aaa6-eef583e6c4da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56075", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mom6n4ahpm2z", "content": "CVE-2026-56075 - PraisonAI - Arbitrary Shell Command Execution via Hardcoded Approval Mode Override\nCVE ID : CVE-2026-56075\n \n Published : June 18, 2026, 10:12 p.m. | 1\u00a0hour, 19\u00a0minutes ago\n \n Description : PraisonAI before 4.5.128 contains an arbitrary shell command execution...", "creation_timestamp": "2026-06-19T01:24:07.760018Z"} {"uuid": "5c041e01-2c8d-4179-aaa6-eef583e6c4da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56075", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mom6n4ahpm2z", "content": "CVE-2026-56075 - PraisonAI - Arbitrary Shell Command Execution via Hardcoded Approval Mode Override\nCVE ID : CVE-2026-56075\n \n Published : June 18, 2026, 10:12 p.m. | 1\u00a0hour, 19\u00a0minutes ago\n \n Description : PraisonAI before 4.5.128 contains an arbitrary shell command execution...", "creation_timestamp": "2026-06-19T01:24:07.760018Z"} https://vulnerability.circl.lu/sighting/5c041e01-2c8d-4179-aaa6-eef583e6c4da/export Fri, 19 Jun 2026 01:24:07 +0000