<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sun, 12 Jul 2026 03:01:00 +0000</lastBuildDate>
    <item>
      <title>54433f20-a05c-487e-81d4-185c7df43815</title>
      <link>https://vulnerability.circl.lu/sighting/54433f20-a05c-487e-81d4-185c7df43815/export</link>
      <description>{"uuid": "54433f20-a05c-487e-81d4-185c7df43815", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-61447", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqfuoz6eil2g", "content": "PraisonAI &amp;lt;1.6.78 hit by CRITICAL CVE-2026-61447: unauthenticated RCE via prompt injection allows code execution &amp;amp; secret exfiltration. No fix yet \u2014 restrict access, monitor usage. https://radar.offseq.com/threat/cve-2026-61447-improper-control-of-generation-of-c-51bde3fa75b4e680 #OffSeq #CVE2026...", "creation_timestamp": "2026-07-12T00:00:39.660973Z"}</description>
      <content:encoded>{"uuid": "54433f20-a05c-487e-81d4-185c7df43815", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-61447", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqfuoz6eil2g", "content": "PraisonAI &amp;lt;1.6.78 hit by CRITICAL CVE-2026-61447: unauthenticated RCE via prompt injection allows code execution &amp;amp; secret exfiltration. No fix yet \u2014 restrict access, monitor usage. https://radar.offseq.com/threat/cve-2026-61447-improper-control-of-generation-of-c-51bde3fa75b4e680 #OffSeq #CVE2026...", "creation_timestamp": "2026-07-12T00:00:39.660973Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/54433f20-a05c-487e-81d4-185c7df43815/export</guid>
      <pubDate>Sun, 12 Jul 2026 00:00:39 +0000</pubDate>
    </item>
    <item>
      <title>31c5354d-78c4-4eb0-9e70-99d7664ef9f0</title>
      <link>https://vulnerability.circl.lu/sighting/31c5354d-78c4-4eb0-9e70-99d7664ef9f0/export</link>
      <description>{"uuid": "31c5354d-78c4-4eb0-9e70-99d7664ef9f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-61447", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116904062949725994", "content": "CVE-2026-61447: CRITICAL RCE in MervinPraison PraisonAI (&amp;lt;1.6.78). Unauthenticated attackers can exploit prompt injection to run arbitrary Python, risking system compromise &amp;amp; secret leaks. No patch yet \u2014 restrict exposure &amp;amp; monitor use. https://radar.offseq.com/threat/cve-2026-61447-improper-control-of-generation-of-c-51bde3fa75b4e680 #OffSeq #CVE202661447 #infosec #RCE", "creation_timestamp": "2026-07-12T00:00:37.795198Z"}</description>
      <content:encoded>{"uuid": "31c5354d-78c4-4eb0-9e70-99d7664ef9f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-61447", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116904062949725994", "content": "CVE-2026-61447: CRITICAL RCE in MervinPraison PraisonAI (&amp;lt;1.6.78). Unauthenticated attackers can exploit prompt injection to run arbitrary Python, risking system compromise &amp;amp; secret leaks. No patch yet \u2014 restrict exposure &amp;amp; monitor use. https://radar.offseq.com/threat/cve-2026-61447-improper-control-of-generation-of-c-51bde3fa75b4e680 #OffSeq #CVE202661447 #infosec #RCE", "creation_timestamp": "2026-07-12T00:00:37.795198Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/31c5354d-78c4-4eb0-9e70-99d7664ef9f0/export</guid>
      <pubDate>Sun, 12 Jul 2026 00:00:37 +0000</pubDate>
    </item>
    <item>
      <title>aee72f21-7cd9-46d2-be08-6a28613cf2ee</title>
      <link>https://vulnerability.circl.lu/sighting/aee72f21-7cd9-46d2-be08-6a28613cf2ee/export</link>
      <description>{"uuid": "aee72f21-7cd9-46d2-be08-6a28613cf2ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61447", "type": "seen", "source": "https://bsky.app/profile/malwareobserver.bsky.social/post/3mqf5o6os3s2j", "content": "\ud83d\udc1b VULNERABILITIES CVE Notify: \ud83d\udea8 [CVE-2026-61447](https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-2xv2-w8cq-5g...\nhttps://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-2xv2-w8cq-5gxw #PatchManagement #Vulnerability #CVE", "creation_timestamp": "2026-07-11T17:08:35.322377Z"}</description>
      <content:encoded>{"uuid": "aee72f21-7cd9-46d2-be08-6a28613cf2ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61447", "type": "seen", "source": "https://bsky.app/profile/malwareobserver.bsky.social/post/3mqf5o6os3s2j", "content": "\ud83d\udc1b VULNERABILITIES CVE Notify: \ud83d\udea8 [CVE-2026-61447](https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-2xv2-w8cq-5g...\nhttps://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-2xv2-w8cq-5gxw #PatchManagement #Vulnerability #CVE", "creation_timestamp": "2026-07-11T17:08:35.322377Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/aee72f21-7cd9-46d2-be08-6a28613cf2ee/export</guid>
      <pubDate>Sat, 11 Jul 2026 17:08:35 +0000</pubDate>
    </item>
    <item>
      <title>4960fa18-31e7-4581-bb02-fd765a52f1be</title>
      <link>https://vulnerability.circl.lu/sighting/4960fa18-31e7-4581-bb02-fd765a52f1be/export</link>
      <description>{"uuid": "4960fa18-31e7-4581-bb02-fd765a52f1be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61447", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqey52ii3c2e", "content": "CVE-2026-61447 - PraisonAI before 1.6.78 Remote Code Execution via CodeAgent\nCVE ID : CVE-2026-61447\n \n Published : July 11, 2026, 2:16 p.m. | 1\u00a0hour, 8\u00a0minutes ago\n \n Description : PraisonAI before 1.6.78 contains a remote code execution vulnerability in CodeAgent._execute_py...", "creation_timestamp": "2026-07-11T15:29:31.906431Z"}</description>
      <content:encoded>{"uuid": "4960fa18-31e7-4581-bb02-fd765a52f1be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61447", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqey52ii3c2e", "content": "CVE-2026-61447 - PraisonAI before 1.6.78 Remote Code Execution via CodeAgent\nCVE ID : CVE-2026-61447\n \n Published : July 11, 2026, 2:16 p.m. | 1\u00a0hour, 8\u00a0minutes ago\n \n Description : PraisonAI before 1.6.78 contains a remote code execution vulnerability in CodeAgent._execute_py...", "creation_timestamp": "2026-07-11T15:29:31.906431Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/4960fa18-31e7-4581-bb02-fd765a52f1be/export</guid>
      <pubDate>Sat, 11 Jul 2026 15:29:31 +0000</pubDate>
    </item>
    <item>
      <title>73946f03-bc79-4eb0-a9f4-6eb7c4897e14</title>
      <link>https://vulnerability.circl.lu/sighting/73946f03-bc79-4eb0-a9f4-6eb7c4897e14/export</link>
      <description>{"uuid": "73946f03-bc79-4eb0-a9f4-6eb7c4897e14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61447", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqewjtit5p25", "content": "\ud83d\udd34 CVE-2026-61447 - Critical (10)\n\nPraisonAI before 1.6.78 contains a remote code execution vulnerability in CodeAgent._execute_pyth...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-61447/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-11T15:00:53.535797Z"}</description>
      <content:encoded>{"uuid": "73946f03-bc79-4eb0-a9f4-6eb7c4897e14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61447", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqewjtit5p25", "content": "\ud83d\udd34 CVE-2026-61447 - Critical (10)\n\nPraisonAI before 1.6.78 contains a remote code execution vulnerability in CodeAgent._execute_pyth...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-61447/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-11T15:00:53.535797Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/73946f03-bc79-4eb0-a9f4-6eb7c4897e14/export</guid>
      <pubDate>Sat, 11 Jul 2026 15:00:53 +0000</pubDate>
    </item>
    <item>
      <title>bcdf794f-549c-4533-b44a-482307baecfe</title>
      <link>https://vulnerability.circl.lu/sighting/bcdf794f-549c-4533-b44a-482307baecfe/export</link>
      <description>{"uuid": "bcdf794f-549c-4533-b44a-482307baecfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61447", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqev5jlzua2c", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-61447 \u0432 PraisonAI: \u0443\u0433\u0440\u043e\u0437\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/8E1F4B34-D2B6-47CA-8519-4CC45C4520D2", "creation_timestamp": "2026-07-11T14:36:06.445143Z"}</description>
      <content:encoded>{"uuid": "bcdf794f-549c-4533-b44a-482307baecfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61447", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqev5jlzua2c", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-61447 \u0432 PraisonAI: \u0443\u0433\u0440\u043e\u0437\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/8E1F4B34-D2B6-47CA-8519-4CC45C4520D2", "creation_timestamp": "2026-07-11T14:36:06.445143Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/bcdf794f-549c-4533-b44a-482307baecfe/export</guid>
      <pubDate>Sat, 11 Jul 2026 14:36:06 +0000</pubDate>
    </item>
    <item>
      <title>41486b02-b320-4658-adcc-b5373d9fe8ad</title>
      <link>https://vulnerability.circl.lu/sighting/41486b02-b320-4658-adcc-b5373d9fe8ad/export</link>
      <description>{"uuid": "41486b02-b320-4658-adcc-b5373d9fe8ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61447", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqeup5otvv2b", "content": "CVE-2026-61447\nPraisonAI versions prior to 1.6.78 are at risk of attackers executing malicious code on the host system. This is due to a lack of validation and restrictions on Python code generated by the Large Language Model\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-11T14:28:04.214435Z"}</description>
      <content:encoded>{"uuid": "41486b02-b320-4658-adcc-b5373d9fe8ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61447", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqeup5otvv2b", "content": "CVE-2026-61447\nPraisonAI versions prior to 1.6.78 are at risk of attackers executing malicious code on the host system. This is due to a lack of validation and restrictions on Python code generated by the Large Language Model\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-11T14:28:04.214435Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/41486b02-b320-4658-adcc-b5373d9fe8ad/export</guid>
      <pubDate>Sat, 11 Jul 2026 14:28:04 +0000</pubDate>
    </item>
  </channel>
</rss>
