Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 29 Jun 2026 00:48:08 +0000 9f970a1c-b345-4e81-b952-0b8656781586 https://vulnerability.circl.lu/sighting/9f970a1c-b345-4e81-b952-0b8656781586/export {"uuid": "9f970a1c-b345-4e81-b952-0b8656781586", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5639", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mit33t3ijv22", "content": "", "creation_timestamp": "2026-04-06T10:38:15.368898Z"} {"uuid": "9f970a1c-b345-4e81-b952-0b8656781586", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5639", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mit33t3ijv22", "content": "", "creation_timestamp": "2026-04-06T10:38:15.368898Z"} https://vulnerability.circl.lu/sighting/9f970a1c-b345-4e81-b952-0b8656781586/export Mon, 06 Apr 2026 10:38:15 +0000 204454f2-52e1-4db6-8ec4-02faf455b74c https://vulnerability.circl.lu/sighting/204454f2-52e1-4db6-8ec4-02faf455b74c/export {"uuid": "204454f2-52e1-4db6-8ec4-02faf455b74c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56395", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mosuvtxh662t", "content": "CVE-2026-56395 - SiYuan - Remote Code Execution via Malicious Bazaar Package Metadata and README\nCVE ID : CVE-2026-56395\n \n Published : June 21, 2026, 1:27 p.m. | 3\u00a0hours, 43\u00a0minutes ago\n \n Description : SiYuan before v3.6.1 fails to sanitize package metadata and README conten...", "creation_timestamp": "2026-06-21T17:20:33.769225Z"} {"uuid": "204454f2-52e1-4db6-8ec4-02faf455b74c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56395", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mosuvtxh662t", "content": "CVE-2026-56395 - SiYuan - Remote Code Execution via Malicious Bazaar Package Metadata and README\nCVE ID : CVE-2026-56395\n \n Published : June 21, 2026, 1:27 p.m. | 3\u00a0hours, 43\u00a0minutes ago\n \n Description : SiYuan before v3.6.1 fails to sanitize package metadata and README conten...", "creation_timestamp": "2026-06-21T17:20:33.769225Z"} https://vulnerability.circl.lu/sighting/204454f2-52e1-4db6-8ec4-02faf455b74c/export Sun, 21 Jun 2026 17:20:33 +0000 5db22089-5b3a-44b0-a124-fb32e65ff1cd https://vulnerability.circl.lu/sighting/5db22089-5b3a-44b0-a124-fb32e65ff1cd/export {"uuid": "5db22089-5b3a-44b0-a124-fb32e65ff1cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56396", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mosvznvljk2k", "content": "CVE-2026-56396 - phpMyFAQ - Privilege Escalation via Missing Authorization in editUser() and updateUserRights()\nCVE ID : CVE-2026-56396\n \n Published : June 21, 2026, 1:27 p.m. | 3\u00a0hours, 43\u00a0minutes ago\n \n Description : phpMyFAQ before 4.1.4 contains missing authorization vulne...", "creation_timestamp": "2026-06-21T17:38:43.600977Z"} {"uuid": "5db22089-5b3a-44b0-a124-fb32e65ff1cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56396", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mosvznvljk2k", "content": "CVE-2026-56396 - phpMyFAQ - Privilege Escalation via Missing Authorization in editUser() and updateUserRights()\nCVE ID : CVE-2026-56396\n \n Published : June 21, 2026, 1:27 p.m. | 3\u00a0hours, 43\u00a0minutes ago\n \n Description : phpMyFAQ before 4.1.4 contains missing authorization vulne...", "creation_timestamp": "2026-06-21T17:38:43.600977Z"} https://vulnerability.circl.lu/sighting/5db22089-5b3a-44b0-a124-fb32e65ff1cd/export Sun, 21 Jun 2026 17:38:43 +0000 9119483e-ee67-4f6d-8e43-71e94177d6b8 https://vulnerability.circl.lu/sighting/9119483e-ee67-4f6d-8e43-71e94177d6b8/export {"uuid": "9119483e-ee67-4f6d-8e43-71e94177d6b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56395", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motnwsotj62v", "content": "\ud83d\udea8 ALERT: CVE-2026-56395\n\nCVSS 9.6/10\n\n\ud83d\udccb WHAT IT IS:\nSiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious package authors to inject arbitrary HTML and JavaScript. Attackers can achieve remote code execution on any user browsing the ", "creation_timestamp": "2026-06-22T00:46:37.539358Z"} {"uuid": "9119483e-ee67-4f6d-8e43-71e94177d6b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56395", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motnwsotj62v", "content": "\ud83d\udea8 ALERT: CVE-2026-56395\n\nCVSS 9.6/10\n\n\ud83d\udccb WHAT IT IS:\nSiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious package authors to inject arbitrary HTML and JavaScript. Attackers can achieve remote code execution on any user browsing the ", "creation_timestamp": "2026-06-22T00:46:37.539358Z"} https://vulnerability.circl.lu/sighting/9119483e-ee67-4f6d-8e43-71e94177d6b8/export Mon, 22 Jun 2026 00:46:37 +0000 788beff4-f3e2-4600-9491-6117dae9a6b7 https://vulnerability.circl.lu/sighting/788beff4-f3e2-4600-9491-6117dae9a6b7/export {"uuid": "788beff4-f3e2-4600-9491-6117dae9a6b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56394", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116791170039431358", "content": "CVE-2026-56394: HIGH severity path traversal in Craft CMS 4.0.0-RC1 & 5.0.0-RC1. Authenticated attackers can read local files via assets/icon endpoint. Restrict access & monitor activity. No patch yet. https://radar.offseq.com/threat/cve-2026-56394-improper-limitation-of-a-pathname-t-139f3a46ea00069e #OffSeq #CraftCMS #Vuln #PathTraversal", "creation_timestamp": "2026-06-22T01:30:29.519228Z"} {"uuid": "788beff4-f3e2-4600-9491-6117dae9a6b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56394", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116791170039431358", "content": "CVE-2026-56394: HIGH severity path traversal in Craft CMS 4.0.0-RC1 & 5.0.0-RC1. Authenticated attackers can read local files via assets/icon endpoint. Restrict access & monitor activity. No patch yet. https://radar.offseq.com/threat/cve-2026-56394-improper-limitation-of-a-pathname-t-139f3a46ea00069e #OffSeq #CraftCMS #Vuln #PathTraversal", "creation_timestamp": "2026-06-22T01:30:29.519228Z"} https://vulnerability.circl.lu/sighting/788beff4-f3e2-4600-9491-6117dae9a6b7/export Mon, 22 Jun 2026 01:30:29 +0000 b3d1357b-0626-4d09-8811-cf0be2857c56 https://vulnerability.circl.lu/sighting/b3d1357b-0626-4d09-8811-cf0be2857c56/export {"uuid": "b3d1357b-0626-4d09-8811-cf0be2857c56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56394", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3motqfb5ttb2g", "content": "CVE-2026-56394: HIGH severity path traversal in Craft CMS 4.0.0-RC1 & 5.0.0-RC1. Authenticated attackers can read local files. Restrict access & monitor until a fix is released. https://radar.offseq.com/threat/cve-2026-56394-improper-limitation-of-a-pathname-t-139f3a46ea00069e #OffSeq #CraftCMS #...", "creation_timestamp": "2026-06-22T01:30:30.751319Z"} {"uuid": "b3d1357b-0626-4d09-8811-cf0be2857c56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56394", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3motqfb5ttb2g", "content": "CVE-2026-56394: HIGH severity path traversal in Craft CMS 4.0.0-RC1 & 5.0.0-RC1. Authenticated attackers can read local files. Restrict access & monitor until a fix is released. https://radar.offseq.com/threat/cve-2026-56394-improper-limitation-of-a-pathname-t-139f3a46ea00069e #OffSeq #CraftCMS #...", "creation_timestamp": "2026-06-22T01:30:30.751319Z"} https://vulnerability.circl.lu/sighting/b3d1357b-0626-4d09-8811-cf0be2857c56/export Mon, 22 Jun 2026 01:30:30 +0000 effc0945-e41f-4d62-9466-cf5759358f3c https://vulnerability.circl.lu/sighting/effc0945-e41f-4d62-9466-cf5759358f3c/export {"uuid": "effc0945-e41f-4d62-9466-cf5759358f3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56397", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3movykqubwq23", "content": "\ud83d\udea8 ALERT: CVE-2026-56397\n\nCVSS 9.6/10\n\n\ud83d\udccb WHAT IT IS:\nSiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious package authors to inject arbitrary HTML and JavaScript. Attackers can achieve remote code execution on any user browsing the ", "creation_timestamp": "2026-06-22T23:02:05.734664Z"} {"uuid": "effc0945-e41f-4d62-9466-cf5759358f3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56397", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3movykqubwq23", "content": "\ud83d\udea8 ALERT: CVE-2026-56397\n\nCVSS 9.6/10\n\n\ud83d\udccb WHAT IT IS:\nSiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious package authors to inject arbitrary HTML and JavaScript. Attackers can achieve remote code execution on any user browsing the ", "creation_timestamp": "2026-06-22T23:02:05.734664Z"} https://vulnerability.circl.lu/sighting/effc0945-e41f-4d62-9466-cf5759358f3c/export Mon, 22 Jun 2026 23:02:05 +0000