<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sun, 12 Jul 2026 03:00:30 +0000</lastBuildDate>
    <item>
      <title>a45bde89-2380-4072-833e-ad830e63918e</title>
      <link>https://vulnerability.circl.lu/sighting/a45bde89-2380-4072-833e-ad830e63918e/export</link>
      <description>{"uuid": "a45bde89-2380-4072-833e-ad830e63918e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-61445", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqfzplj5gq2d", "content": "CVE-2026-61445: CRITICAL path traversal in PraisonAI (&amp;lt;4.6.78) enables file write &amp;amp; root command exec via chat. No patch \u2014 restrict access &amp;amp; monitor AICoder use. https://radar.offseq.com/threat/cve-2026-61445-improper-limitation-of-a-pathname-t-188171a28e18ac5b #OffSeq #CVE202661445 #security", "creation_timestamp": "2026-07-12T01:30:27.653941Z"}</description>
      <content:encoded>{"uuid": "a45bde89-2380-4072-833e-ad830e63918e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-61445", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqfzplj5gq2d", "content": "CVE-2026-61445: CRITICAL path traversal in PraisonAI (&amp;lt;4.6.78) enables file write &amp;amp; root command exec via chat. No patch \u2014 restrict access &amp;amp; monitor AICoder use. https://radar.offseq.com/threat/cve-2026-61445-improper-limitation-of-a-pathname-t-188171a28e18ac5b #OffSeq #CVE202661445 #security", "creation_timestamp": "2026-07-12T01:30:27.653941Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a45bde89-2380-4072-833e-ad830e63918e/export</guid>
      <pubDate>Sun, 12 Jul 2026 01:30:27 +0000</pubDate>
    </item>
    <item>
      <title>7d6f42bf-51bc-40ca-9147-0510eaa07d58</title>
      <link>https://vulnerability.circl.lu/sighting/7d6f42bf-51bc-40ca-9147-0510eaa07d58/export</link>
      <description>{"uuid": "7d6f42bf-51bc-40ca-9147-0510eaa07d58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-61445", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116904416043130640", "content": "CVE-2026-61445 (CRITICAL, CVSS 9.4): PraisonAI &amp;lt;4.6.78 suffers path traversal &amp;amp; command injection via AICoder chat. Attackers gain root, write files anywhere. Restrict access &amp;amp; monitor \u2014 no patch yet. https://radar.offseq.com/threat/cve-2026-61445-improper-limitation-of-a-pathname-t-188171a28e18ac5b #OffSeq #CVE202661445 #AIsecurity #infosec", "creation_timestamp": "2026-07-12T01:30:25.817607Z"}</description>
      <content:encoded>{"uuid": "7d6f42bf-51bc-40ca-9147-0510eaa07d58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-61445", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116904416043130640", "content": "CVE-2026-61445 (CRITICAL, CVSS 9.4): PraisonAI &amp;lt;4.6.78 suffers path traversal &amp;amp; command injection via AICoder chat. Attackers gain root, write files anywhere. Restrict access &amp;amp; monitor \u2014 no patch yet. https://radar.offseq.com/threat/cve-2026-61445-improper-limitation-of-a-pathname-t-188171a28e18ac5b #OffSeq #CVE202661445 #AIsecurity #infosec", "creation_timestamp": "2026-07-12T01:30:25.817607Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/7d6f42bf-51bc-40ca-9147-0510eaa07d58/export</guid>
      <pubDate>Sun, 12 Jul 2026 01:30:25 +0000</pubDate>
    </item>
    <item>
      <title>01b6071c-98d4-4b27-97e0-731dd6b5e8e5</title>
      <link>https://vulnerability.circl.lu/sighting/01b6071c-98d4-4b27-97e0-731dd6b5e8e5/export</link>
      <description>{"uuid": "01b6071c-98d4-4b27-97e0-731dd6b5e8e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61445", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116902362630060993", "content": "The severity is increased for this new vulnerability affecting MervinPraison PraisonAI (CVE-2026-61445) https://vuldb.com/vuln/377824", "creation_timestamp": "2026-07-11T16:48:12.808719Z"}</description>
      <content:encoded>{"uuid": "01b6071c-98d4-4b27-97e0-731dd6b5e8e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61445", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116902362630060993", "content": "The severity is increased for this new vulnerability affecting MervinPraison PraisonAI (CVE-2026-61445) https://vuldb.com/vuln/377824", "creation_timestamp": "2026-07-11T16:48:12.808719Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/01b6071c-98d4-4b27-97e0-731dd6b5e8e5/export</guid>
      <pubDate>Sat, 11 Jul 2026 16:48:12 +0000</pubDate>
    </item>
    <item>
      <title>27b1306b-79bb-4109-9614-f01532a00267</title>
      <link>https://vulnerability.circl.lu/sighting/27b1306b-79bb-4109-9614-f01532a00267/export</link>
      <description>{"uuid": "27b1306b-79bb-4109-9614-f01532a00267", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61445", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqeymykhpb27", "content": "CVE-2026-61445 - PraisonAI before 4.6.78 Arbitrary File Write and Command Execution\nCVE ID : CVE-2026-61445\n \n Published : July 11, 2026, 2:16 p.m. | 1\u00a0hour, 8\u00a0minutes ago\n \n Description : PraisonAI before 4.6.78 contains arbitrary file write and command execution vulnerabilit...", "creation_timestamp": "2026-07-11T15:38:26.824317Z"}</description>
      <content:encoded>{"uuid": "27b1306b-79bb-4109-9614-f01532a00267", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61445", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqeymykhpb27", "content": "CVE-2026-61445 - PraisonAI before 4.6.78 Arbitrary File Write and Command Execution\nCVE ID : CVE-2026-61445\n \n Published : July 11, 2026, 2:16 p.m. | 1\u00a0hour, 8\u00a0minutes ago\n \n Description : PraisonAI before 4.6.78 contains arbitrary file write and command execution vulnerabilit...", "creation_timestamp": "2026-07-11T15:38:26.824317Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/27b1306b-79bb-4109-9614-f01532a00267/export</guid>
      <pubDate>Sat, 11 Jul 2026 15:38:26 +0000</pubDate>
    </item>
    <item>
      <title>1ce68737-d1e2-4384-ab2f-7bb9b4ba3736</title>
      <link>https://vulnerability.circl.lu/sighting/1ce68737-d1e2-4384-ab2f-7bb9b4ba3736/export</link>
      <description>{"uuid": "1ce68737-d1e2-4384-ab2f-7bb9b4ba3736", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61445", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqewjmvsdf2b", "content": "\ud83d\udd34 CVE-2026-61445 - Critical (9.9)\n\nPraisonAI before 4.6.78 contains arbitrary file write and command execution vulnerabilities in th...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-61445/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-11T15:00:47.003813Z"}</description>
      <content:encoded>{"uuid": "1ce68737-d1e2-4384-ab2f-7bb9b4ba3736", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61445", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqewjmvsdf2b", "content": "\ud83d\udd34 CVE-2026-61445 - Critical (9.9)\n\nPraisonAI before 4.6.78 contains arbitrary file write and command execution vulnerabilities in th...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-61445/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-11T15:00:47.003813Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1ce68737-d1e2-4384-ab2f-7bb9b4ba3736/export</guid>
      <pubDate>Sat, 11 Jul 2026 15:00:47 +0000</pubDate>
    </item>
    <item>
      <title>f3c0832f-9e96-431b-bdcb-497d7fc4355a</title>
      <link>https://vulnerability.circl.lu/sighting/f3c0832f-9e96-431b-bdcb-497d7fc4355a/export</link>
      <description>{"uuid": "f3c0832f-9e96-431b-bdcb-497d7fc4355a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61445", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqevdbxrsj2e", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-61445 \u0432 PraisonAI: \u0443\u0433\u0440\u043e\u0437\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434\n\n\n\nhttps://kripta.biz/posts/135D33BB-4813-437A-85BA-257B6CDC0C3D", "creation_timestamp": "2026-07-11T14:39:19.745811Z"}</description>
      <content:encoded>{"uuid": "f3c0832f-9e96-431b-bdcb-497d7fc4355a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61445", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqevdbxrsj2e", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-61445 \u0432 PraisonAI: \u0443\u0433\u0440\u043e\u0437\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434\n\n\n\nhttps://kripta.biz/posts/135D33BB-4813-437A-85BA-257B6CDC0C3D", "creation_timestamp": "2026-07-11T14:39:19.745811Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/f3c0832f-9e96-431b-bdcb-497d7fc4355a/export</guid>
      <pubDate>Sat, 11 Jul 2026 14:39:19 +0000</pubDate>
    </item>
    <item>
      <title>26026efb-8e1a-440b-af0e-408d53d7fa21</title>
      <link>https://vulnerability.circl.lu/sighting/26026efb-8e1a-440b-af0e-408d53d7fa21/export</link>
      <description>{"uuid": "26026efb-8e1a-440b-af0e-408d53d7fa21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61445", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqeulnifn32v", "content": "CVE-2026-61445\nPraisonAI's AICoder component has a security flaw that allows attackers to write files anywhere on the system and run commands with high-level permissions through the chat interface. This means sensitive data\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-11T14:26:06.973252Z"}</description>
      <content:encoded>{"uuid": "26026efb-8e1a-440b-af0e-408d53d7fa21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61445", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqeulnifn32v", "content": "CVE-2026-61445\nPraisonAI's AICoder component has a security flaw that allows attackers to write files anywhere on the system and run commands with high-level permissions through the chat interface. This means sensitive data\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-11T14:26:06.973252Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/26026efb-8e1a-440b-af0e-408d53d7fa21/export</guid>
      <pubDate>Sat, 11 Jul 2026 14:26:06 +0000</pubDate>
    </item>
  </channel>
</rss>
