Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-25T12:21:37.739448+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/a8c5c901-c1f2-46c9-a289-66bf469070ce/export a8c5c901-c1f2-46c9-a289-66bf469070ce 2026-06-25T12:21:37.759635+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "a8c5c901-c1f2-46c9-a289-66bf469070ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11374", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mox6zvolwn2f", "content": "Zoho ManageEngine ADSelfService Plus faces CRITICAL CVE-2026-11374: predictable SSO tickets let attackers hijack accounts. No patch \u2014 monitor vendor updates and restrict access. https://radar.offseq.com/threat/cve-2026-11374-cwe-340-generation-of-predictable-n-3400726b0246539c #OffSeq #Zoho #SSO", "creation_timestamp": "2026-06-23T10:30:35.844123Z"} 2026-06-23T10:30:35.844123+00:00 https://vulnerability.circl.lu/sighting/a248eeb5-a98f-465c-b87f-80494043795d/export a248eeb5-a98f-465c-b87f-80494043795d 2026-06-25T12:21:37.759563+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "a248eeb5-a98f-465c-b87f-80494043795d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11374", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116798955994793705", "content": "Zoho ManageEngine ADSelfService Plus hit by CRITICAL CVE-2026-11374: predictable SSO tickets enable unauthenticated account takeover. No patch yet \u2014 monitor advisories and review exposure. https://radar.offseq.com/threat/cve-2026-11374-cwe-340-generation-of-predictable-n-3400726b0246539c #OffSeq #Zoho #Vuln #SSO #Infosec", "creation_timestamp": "2026-06-23T10:30:36.922945Z"} 2026-06-23T10:30:36.922945+00:00 https://vulnerability.circl.lu/sighting/a42cd323-f3de-4990-8b79-8008434b5d96/export a42cd323-f3de-4990-8b79-8008434b5d96 2026-06-25T12:21:37.759485+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "a42cd323-f3de-4990-8b79-8008434b5d96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11374", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moxbkdgb2s2j", "content": "CVE-2026-11374 - Account Takeover via Predictable SSO Ticket Generation\nCVE ID : CVE-2026-11374\n \n Published : 23 juin 2026 08:19 | 1\u00a0heure, 23\u00a0minutes ago\n \n Description : In ManageEngine ADSelfService Plus, RecoveryManager Plus, M365 Manager Plus, and ADAudit Plus, the SSO t...", "creation_timestamp": "2026-06-23T11:15:33.375690Z"} 2026-06-23T11:15:33.375690+00:00 https://vulnerability.circl.lu/sighting/84033b7a-b17f-44a7-b822-0825637b0573/export 84033b7a-b17f-44a7-b822-0825637b0573 2026-06-25T12:21:37.759328+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "84033b7a-b17f-44a7-b822-0825637b0573", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11374", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116804624818581404", "content": "A lot of offensive activities were identified targeting Zoho ManageEngine ADSelfService Plus and other products (CVE-2026-11374) https://vuldb.com/vuln/372876/cti", "creation_timestamp": "2026-06-24T10:32:12.577287Z"} 2026-06-24T10:32:12.577287+00:00 https://vulnerability.circl.lu/sighting/e6d7f9b5-6c55-47e1-ae17-a8f03d2cc559/export e6d7f9b5-6c55-47e1-ae17-a8f03d2cc559 2026-06-25T12:21:37.756422+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "e6d7f9b5-6c55-47e1-ae17-a8f03d2cc559", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11374", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mp4dmpv6ch2c", "content": "CVE-2026-11374: Critical AD360 SSO Flaw Lets Attackers Predict Login Tickets and Take Over Enterprise Accounts +\u00a0Video\n\n\ud83e\udde8 Introduction: A Silent Identity Crisis Inside Enterprise Access Systems A newly disclosed high-severity vulnerability, CVE-2026-11374, has sent shockwaves through enterprise\u2026", "creation_timestamp": "2026-06-25T11:35:59.900879Z"} 2026-06-25T11:35:59.900879+00:00