<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Thu, 09 Jul 2026 22:25:39 +0000</lastBuildDate>
    <item>
      <title>00f7b647-988a-4341-82f8-12648eecc216</title>
      <link>https://vulnerability.circl.lu/sighting/00f7b647-988a-4341-82f8-12648eecc216/export</link>
      <description>{"uuid": "00f7b647-988a-4341-82f8-12648eecc216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56843", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq4633ovna2x", "content": "CVE-2026-56843 - WebPros Plesk XML-RPC API Incorrect Authorization Vulnerability\nCVE ID : CVE-2026-56843\n \n Published : July 8, 2026, 1:16 a.m. | 1\u00a0hour, 58\u00a0minutes ago\n \n Description : Incorrect authorization in the XML-RPC API of WebPros Plesk before 18.0.78.4 allows a low-p...", "creation_timestamp": "2026-07-08T03:21:50.884349Z"}</description>
      <content:encoded>{"uuid": "00f7b647-988a-4341-82f8-12648eecc216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56843", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq4633ovna2x", "content": "CVE-2026-56843 - WebPros Plesk XML-RPC API Incorrect Authorization Vulnerability\nCVE ID : CVE-2026-56843\n \n Published : July 8, 2026, 1:16 a.m. | 1\u00a0hour, 58\u00a0minutes ago\n \n Description : Incorrect authorization in the XML-RPC API of WebPros Plesk before 18.0.78.4 allows a low-p...", "creation_timestamp": "2026-07-08T03:21:50.884349Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/00f7b647-988a-4341-82f8-12648eecc216/export</guid>
      <pubDate>Wed, 08 Jul 2026 03:21:50 +0000</pubDate>
    </item>
    <item>
      <title>80fc8369-ed23-4638-9a48-7e77307f3098</title>
      <link>https://vulnerability.circl.lu/sighting/80fc8369-ed23-4638-9a48-7e77307f3098/export</link>
      <description>{"uuid": "80fc8369-ed23-4638-9a48-7e77307f3098", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56843", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq3ywy72aw2r", "content": "CVE-2026-56843\nA security issue in Plesk's XML-RPC API allows low-privileged users to see details of domains they don't own. This could lead to unauthorized access to sensitive information, such as FTP credentials, which\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-08T01:50:31.653088Z"}</description>
      <content:encoded>{"uuid": "80fc8369-ed23-4638-9a48-7e77307f3098", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56843", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq3ywy72aw2r", "content": "CVE-2026-56843\nA security issue in Plesk's XML-RPC API allows low-privileged users to see details of domains they don't own. This could lead to unauthorized access to sensitive information, such as FTP credentials, which\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-08T01:50:31.653088Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/80fc8369-ed23-4638-9a48-7e77307f3098/export</guid>
      <pubDate>Wed, 08 Jul 2026 01:50:31 +0000</pubDate>
    </item>
    <item>
      <title>3fddd886-4f25-442d-bfff-bad950d2ddf7</title>
      <link>https://vulnerability.circl.lu/sighting/3fddd886-4f25-442d-bfff-bad950d2ddf7/export</link>
      <description>{"uuid": "3fddd886-4f25-442d-bfff-bad950d2ddf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56843", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mq3xtwsr2j2i", "content": "WebPros Plesk &amp;lt;18.0.78.4: CRITICAL (CVSS 9.9) vuln lets low-privileged users access other tenants\u2019 FTP creds &amp;amp; execute code as them. Restrict XML-RPC API, monitor activity. Patch status pending. https://radar.offseq.com/threat/cve-2026-56843-cwe-522-insufficiently-protected-cr-45d7ae62ed3d3640 #O...", "creation_timestamp": "2026-07-08T01:30:28.957691Z"}</description>
      <content:encoded>{"uuid": "3fddd886-4f25-442d-bfff-bad950d2ddf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56843", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mq3xtwsr2j2i", "content": "WebPros Plesk &amp;lt;18.0.78.4: CRITICAL (CVSS 9.9) vuln lets low-privileged users access other tenants\u2019 FTP creds &amp;amp; execute code as them. Restrict XML-RPC API, monitor activity. Patch status pending. https://radar.offseq.com/threat/cve-2026-56843-cwe-522-insufficiently-protected-cr-45d7ae62ed3d3640 #O...", "creation_timestamp": "2026-07-08T01:30:28.957691Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3fddd886-4f25-442d-bfff-bad950d2ddf7/export</guid>
      <pubDate>Wed, 08 Jul 2026 01:30:28 +0000</pubDate>
    </item>
    <item>
      <title>45d40069-3c0b-4486-8301-1a179be30514</title>
      <link>https://vulnerability.circl.lu/sighting/45d40069-3c0b-4486-8301-1a179be30514/export</link>
      <description>{"uuid": "45d40069-3c0b-4486-8301-1a179be30514", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56843", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116881766886443952", "content": "CVE-2026-56843 (CRITICAL, CVSS 9.9): WebPros Plesk &amp;lt;18.0.78.4 has insufficient auth in XML-RPC API, letting low-privileged users access other tenants\u2019 cleartext FTP creds &amp;amp; run code as them. Restrict API access &amp;amp; monitor. https://radar.offseq.com/threat/cve-2026-56843-cwe-522-insufficiently-protected-cr-45d7ae62ed3d3640 #OffSeq #Infosec #Plesk", "creation_timestamp": "2026-07-08T01:30:26.980630Z"}</description>
      <content:encoded>{"uuid": "45d40069-3c0b-4486-8301-1a179be30514", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56843", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116881766886443952", "content": "CVE-2026-56843 (CRITICAL, CVSS 9.9): WebPros Plesk &amp;lt;18.0.78.4 has insufficient auth in XML-RPC API, letting low-privileged users access other tenants\u2019 cleartext FTP creds &amp;amp; run code as them. Restrict API access &amp;amp; monitor. https://radar.offseq.com/threat/cve-2026-56843-cwe-522-insufficiently-protected-cr-45d7ae62ed3d3640 #OffSeq #Infosec #Plesk", "creation_timestamp": "2026-07-08T01:30:26.980630Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/45d40069-3c0b-4486-8301-1a179be30514/export</guid>
      <pubDate>Wed, 08 Jul 2026 01:30:26 +0000</pubDate>
    </item>
  </channel>
</rss>
