<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Thu, 09 Jul 2026 22:25:39 +0000</lastBuildDate>
    <item>
      <title>02873064-47e6-4536-a212-da4f28230610</title>
      <link>https://vulnerability.circl.lu/sighting/02873064-47e6-4536-a212-da4f28230610/export</link>
      <description>{"uuid": "02873064-47e6-4536-a212-da4f28230610", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-58473", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mq44uubeqs23", "content": "CVE-2026-58473: topoteretes cognee (&amp;lt;1.2.0) has a CRITICAL vuln \u2014 unauth attackers can hijack LLM config &amp;amp; exfiltrate user data. No fix yet. Restrict settings endpoint &amp;amp; monitor for changes. https://radar.offseq.com/threat/cve-2026-58473-missing-authorization-in-topoterete-619eb25f0ae3e3eb #OffSe...", "creation_timestamp": "2026-07-08T03:00:29.251058Z"}</description>
      <content:encoded>{"uuid": "02873064-47e6-4536-a212-da4f28230610", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-58473", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mq44uubeqs23", "content": "CVE-2026-58473: topoteretes cognee (&amp;lt;1.2.0) has a CRITICAL vuln \u2014 unauth attackers can hijack LLM config &amp;amp; exfiltrate user data. No fix yet. Restrict settings endpoint &amp;amp; monitor for changes. https://radar.offseq.com/threat/cve-2026-58473-missing-authorization-in-topoterete-619eb25f0ae3e3eb #OffSe...", "creation_timestamp": "2026-07-08T03:00:29.251058Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/02873064-47e6-4536-a212-da4f28230610/export</guid>
      <pubDate>Wed, 08 Jul 2026 03:00:29 +0000</pubDate>
    </item>
    <item>
      <title>b25d2659-e74a-43ef-a31c-4e19d53d5a37</title>
      <link>https://vulnerability.circl.lu/sighting/b25d2659-e74a-43ef-a31c-4e19d53d5a37/export</link>
      <description>{"uuid": "b25d2659-e74a-43ef-a31c-4e19d53d5a37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-58473", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116882120754434831", "content": "topoteretes cognee (&amp;lt;1.2.0) is affected by CVE-2026-58473 (CRITICAL, CVSS 9.3): improper access control lets unauth attackers overwrite LLM provider config &amp;amp; exfiltrate sensitive data. Restrict endpoint, monitor configs. https://radar.offseq.com/threat/cve-2026-58473-missing-authorization-in-topoterete-619eb25f0ae3e3eb #OffSeq #CVE #Infosec", "creation_timestamp": "2026-07-08T03:00:26.556037Z"}</description>
      <content:encoded>{"uuid": "b25d2659-e74a-43ef-a31c-4e19d53d5a37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-58473", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116882120754434831", "content": "topoteretes cognee (&amp;lt;1.2.0) is affected by CVE-2026-58473 (CRITICAL, CVSS 9.3): improper access control lets unauth attackers overwrite LLM provider config &amp;amp; exfiltrate sensitive data. Restrict endpoint, monitor configs. https://radar.offseq.com/threat/cve-2026-58473-missing-authorization-in-topoterete-619eb25f0ae3e3eb #OffSeq #CVE #Infosec", "creation_timestamp": "2026-07-08T03:00:26.556037Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b25d2659-e74a-43ef-a31c-4e19d53d5a37/export</guid>
      <pubDate>Wed, 08 Jul 2026 03:00:26 +0000</pubDate>
    </item>
    <item>
      <title>d55352ea-870d-4f5b-9570-84badaf35a70</title>
      <link>https://vulnerability.circl.lu/sighting/d55352ea-870d-4f5b-9570-84badaf35a70/export</link>
      <description>{"uuid": "d55352ea-870d-4f5b-9570-84badaf35a70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58473", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq3rk2sdn42k", "content": "CVE-2026-58473 - Cognee\nCVE ID : CVE-2026-58473\n \n Published : July 7, 2026, 9:17 p.m. | 1\u00a0hour, 57\u00a0minutes ago\n \n Description : Cognee before 1.2.0 contains an improper access control vulnerability that allows unauthenticated attackers to overwrite the global LLM provider con...", "creation_timestamp": "2026-07-07T23:37:34.328100Z"}</description>
      <content:encoded>{"uuid": "d55352ea-870d-4f5b-9570-84badaf35a70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58473", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq3rk2sdn42k", "content": "CVE-2026-58473 - Cognee\nCVE ID : CVE-2026-58473\n \n Published : July 7, 2026, 9:17 p.m. | 1\u00a0hour, 57\u00a0minutes ago\n \n Description : Cognee before 1.2.0 contains an improper access control vulnerability that allows unauthenticated attackers to overwrite the global LLM provider con...", "creation_timestamp": "2026-07-07T23:37:34.328100Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d55352ea-870d-4f5b-9570-84badaf35a70/export</guid>
      <pubDate>Tue, 07 Jul 2026 23:37:34 +0000</pubDate>
    </item>
    <item>
      <title>f8650fa5-d1a4-46aa-ad84-4bb8dc92b72b</title>
      <link>https://vulnerability.circl.lu/sighting/f8650fa5-d1a4-46aa-ad84-4bb8dc92b72b/export</link>
      <description>{"uuid": "f8650fa5-d1a4-46aa-ad84-4bb8dc92b72b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58473", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq3lnftqre2z", "content": "CVE-2026-58473\nAn attacker can create an account and change the way Cognee uses its language model. This allows them to steal information from other users, such as their prompts, documents, and knowledge. To fix this, update\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-07T21:52:04.471387Z"}</description>
      <content:encoded>{"uuid": "f8650fa5-d1a4-46aa-ad84-4bb8dc92b72b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58473", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq3lnftqre2z", "content": "CVE-2026-58473\nAn attacker can create an account and change the way Cognee uses its language model. This allows them to steal information from other users, such as their prompts, documents, and knowledge. To fix this, update\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-07T21:52:04.471387Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/f8650fa5-d1a4-46aa-ad84-4bb8dc92b72b/export</guid>
      <pubDate>Tue, 07 Jul 2026 21:52:04 +0000</pubDate>
    </item>
  </channel>
</rss>
