https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 22 Jun 2026 16:15:15 +0000 https://vulnerability.circl.lu/sighting/d5989e94-63c4-4be6-b8db-574531e2f345/export {"uuid": "d5989e94-63c4-4be6-b8db-574531e2f345", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-8157", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mouej4ydjs2l", "content": "Vitepos <3.4.2 HIGH severity vuln (CVE-2026-8157): Auth users with custom roles can escalate to admin via REST API. Restrict endpoint access & watch for vendor updates. https://radar.offseq.com/threat/cve-2026-8157-cwe-269-improper-privilege-managemen-ad086b248eb210ce #OffSeq #WordPress #Security", "creation_timestamp": "2026-06-22T07:30:35.025842Z"} {"uuid": "d5989e94-63c4-4be6-b8db-574531e2f345", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-8157", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mouej4ydjs2l", "content": "Vitepos <3.4.2 HIGH severity vuln (CVE-2026-8157): Auth users with custom roles can escalate to admin via REST API. Restrict endpoint access & watch for vendor updates. https://radar.offseq.com/threat/cve-2026-8157-cwe-269-improper-privilege-managemen-ad086b248eb210ce #OffSeq #WordPress #Security", "creation_timestamp": "2026-06-22T07:30:35.025842Z"} https://vulnerability.circl.lu/sighting/d5989e94-63c4-4be6-b8db-574531e2f345/export Mon, 22 Jun 2026 07:30:35 +0000 https://vulnerability.circl.lu/sighting/3c2472b2-bfcb-487e-a8d8-afa38af38723/export {"uuid": "3c2472b2-bfcb-487e-a8d8-afa38af38723", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-8157", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116792585922539614", "content": "Vitepos WordPress plugin <3.4.2 has a HIGH severity privilege escalation vuln (CVE-2026-8157). Auth users with custom Vitepos roles can become admins via REST API. Restrict API access & monitor for patches. https://radar.offseq.com/threat/cve-2026-8157-cwe-269-improper-privilege-managemen-ad086b248eb210ce #OffSeq #WordPress #CVE20268157 #Infosec", "creation_timestamp": "2026-06-22T07:30:35.542089Z"} {"uuid": "3c2472b2-bfcb-487e-a8d8-afa38af38723", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-8157", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116792585922539614", "content": "Vitepos WordPress plugin <3.4.2 has a HIGH severity privilege escalation vuln (CVE-2026-8157). Auth users with custom Vitepos roles can become admins via REST API. Restrict API access & monitor for patches. https://radar.offseq.com/threat/cve-2026-8157-cwe-269-improper-privilege-managemen-ad086b248eb210ce #OffSeq #WordPress #CVE20268157 #Infosec", "creation_timestamp": "2026-06-22T07:30:35.542089Z"} https://vulnerability.circl.lu/sighting/3c2472b2-bfcb-487e-a8d8-afa38af38723/export Mon, 22 Jun 2026 07:30:35 +0000 https://vulnerability.circl.lu/sighting/f38d98af-f8f4-4f79-a4a8-e59cf0955047/export {"uuid": "f38d98af-f8f4-4f79-a4a8-e59cf0955047", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8157", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mougxkmsvw2y", "content": "CVE-2026-8157 - Vitepos\nCVE ID : CVE-2026-8157\n \n Published : June 22, 2026, 6 a.m. | 1\u00a0hour, 43\u00a0minutes ago\n \n Description : The Vitepos WordPress plugin before 3.4.2 does not properly restrict the roles that can be assigned when creating new users via one of its REST API end...", "creation_timestamp": "2026-06-22T08:14:26.442137Z"} {"uuid": "f38d98af-f8f4-4f79-a4a8-e59cf0955047", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8157", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mougxkmsvw2y", "content": "CVE-2026-8157 - Vitepos\nCVE ID : CVE-2026-8157\n \n Published : June 22, 2026, 6 a.m. | 1\u00a0hour, 43\u00a0minutes ago\n \n Description : The Vitepos WordPress plugin before 3.4.2 does not properly restrict the roles that can be assigned when creating new users via one of its REST API end...", "creation_timestamp": "2026-06-22T08:14:26.442137Z"} https://vulnerability.circl.lu/sighting/f38d98af-f8f4-4f79-a4a8-e59cf0955047/export Mon, 22 Jun 2026 08:14:26 +0000