<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-04T21:11:18.561822+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/9de98ff0-996a-4259-8b49-f48ad5135372/export</id>
    <title>9de98ff0-996a-4259-8b49-f48ad5135372</title>
    <updated>2026-07-04T21:11:18.585533+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "9de98ff0-996a-4259-8b49-f48ad5135372", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2387", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3mpstcgewpj2v", "content": "CVE-2026-2387 event-organiser (CVSS Score 6.4) \n\n#WordPress plugin #vulnerability #potatosecurity #wordpressfirewall #mashing #wpsecurity #atomicedge #potatosecurity #malware #vulnerabilityresearch #cve #redteam #proofofconcept", "creation_timestamp": "2026-07-04T10:15:08.159357Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/9de98ff0-996a-4259-8b49-f48ad5135372/export"/>
    <published>2026-07-04T10:15:08.159357+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/005846ff-cf2d-41a4-b574-8ff2ce07835d/export</id>
    <title>005846ff-cf2d-41a4-b574-8ff2ce07835d</title>
    <updated>2026-07-04T21:11:18.588075+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "005846ff-cf2d-41a4-b574-8ff2ce07835d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2387", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3mpstcfv6pj2b", "content": "CVE-2026-2387 event-organiser (CVSS Score 6.4) \n\n#WordPress plugin #vulnerability #cybersecurity #wordpressfirewall #hacking #wpsecurity #atomicedge #cybersecurity #malware #vulnerabilityresearch #cve #redteam #proofofconcept", "creation_timestamp": "2026-07-04T10:15:07.616307Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/005846ff-cf2d-41a4-b574-8ff2ce07835d/export"/>
    <published>2026-07-04T10:15:07.616307+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/258719bd-8e3b-489d-9076-79e4ecc707be/export</id>
    <title>258719bd-8e3b-489d-9076-79e4ecc707be</title>
    <updated>2026-07-04T21:11:18.588348+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "258719bd-8e3b-489d-9076-79e4ecc707be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2387", "type": "seen", "source": "https://bsky.app/profile/qiancx.bsky.social/post/3mpljxyict32a", "content": "WordPress\u63d2\u4ef6\u6f0f\u6d1e\u8b66\u544a:Event Organiser\u5b58\u50a8\u578bXSS\u6f0f\u6d1e(CVE-2026-2387)\u8be6\u89e3\u4e0e\u9632\u62a4\u6307\u5357\n\n\n\nhttps://qian.cx/posts/8FF8D1F5-2A69-4711-93E7-DBED99392F61", "creation_timestamp": "2026-07-01T12:39:35.915436Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/258719bd-8e3b-489d-9076-79e4ecc707be/export"/>
    <published>2026-07-01T12:39:35.915436+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/0fdb2323-5d76-4daf-9bd8-fd4901bb5923/export</id>
    <title>0fdb2323-5d76-4daf-9bd8-fd4901bb5923</title>
    <updated>2026-07-04T21:11:18.588571+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "0fdb2323-5d76-4daf-9bd8-fd4901bb5923", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2387", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpljxtws6y26", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-2387 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 Event Organiser \u0434\u043b\u044f WordPress: \u0443\u0433\u0440\u043e\u0437\u0430 Stored XSS \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/248C5AB3-5480-4EC2-A667-C421658DD8FD", "creation_timestamp": "2026-07-01T12:39:31.592686Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/0fdb2323-5d76-4daf-9bd8-fd4901bb5923/export"/>
    <published>2026-07-01T12:39:31.592686+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b9ab550b-88be-4908-879f-0589ad657b1a/export</id>
    <title>b9ab550b-88be-4908-879f-0589ad657b1a</title>
    <updated>2026-07-04T21:11:18.588774+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b9ab550b-88be-4908-879f-0589ad657b1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23879", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mp326xv2w62h", "content": "CVE-2026-23879 - Critical RCE in Py7zr. Arbitrary file write via symbolic link chains allows escape from destination directory. CVSS 8.0. No patch available. Update or avoid extraction of untrusted 7z archives. #CVE #infosec #Python\n\nhttps://www.valtersit.com/cve/CVE-2026-23879/", "creation_timestamp": "2026-06-24T23:14:35.029665Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b9ab550b-88be-4908-879f-0589ad657b1a/export"/>
    <published>2026-06-24T23:14:35.029665+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/cab1d463-b341-48fe-b1d0-8f472bfca05c/export</id>
    <title>cab1d463-b341-48fe-b1d0-8f472bfca05c</title>
    <updated>2026-07-04T21:11:18.588982+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "cab1d463-b341-48fe-b1d0-8f472bfca05c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23879", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mp2wxlnzkj2d", "content": "py7zr 1.1.2\u4ee5\u524d\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u3067\u3001\u60aa\u610f\u306e\u3042\u308b\u30b7\u30f3\u30dc\u30ea\u30c3\u30af\u30ea\u30f3\u30af\u30c1\u30a7\u30fc\u30f3\u306b\u3088\u308a\u3001\u30a2\u30fc\u30ab\u30a4\u30d6\u5185\u306e\u30d5\u30a1\u30a4\u30eb\u304c\u6307\u5b9a\u5916\u306e\u5834\u6240\u306b\u66f8\u304d\u8fbc\u307e\u308c\u308b\u8106\u5f31\u6027\u3002\u3053\u308c\u306b\u3088\u308a\u3001\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u306a\u3069\u306e\u88ab\u5bb3\u3092\u53d7\u3051\u308b\u53ef\u80fd\u6027\u2026\nCVE-2026-23879 CVSS 8.0 | HIGH", "creation_timestamp": "2026-06-24T22:16:45.627156Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/cab1d463-b341-48fe-b1d0-8f472bfca05c/export"/>
    <published>2026-06-24T22:16:45.627156+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/fa614ba4-7aca-4be8-b19c-ca2a1b4a436a/export</id>
    <title>fa614ba4-7aca-4be8-b19c-ca2a1b4a436a</title>
    <updated>2026-07-04T21:11:18.589195+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "fa614ba4-7aca-4be8-b19c-ca2a1b4a436a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23879", "type": "published-proof-of-concept", "source": "https://github.com/miurahr/py7zr/security/advisories/GHSA-q6rc-2cgv-63h7", "content": "", "creation_timestamp": "2026-06-19T09:31:59.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/fa614ba4-7aca-4be8-b19c-ca2a1b4a436a/export"/>
    <published>2026-06-19T09:31:59+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/9719f1eb-bff2-4968-848d-f8b50e80c859/export</id>
    <title>9719f1eb-bff2-4968-848d-f8b50e80c859</title>
    <updated>2026-07-04T21:11:18.590288+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "9719f1eb-bff2-4968-848d-f8b50e80c859", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23870", "type": "seen", "source": "Telegram/O41s4ZacceniC-zmRdA20LKtlUfLN8dJaI2Rmc1hsAXigiA", "content": "", "creation_timestamp": "2026-05-13T21:00:04.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/9719f1eb-bff2-4968-848d-f8b50e80c859/export"/>
    <published>2026-05-13T21:00:04+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/635ed5e7-7c90-4903-9543-eecb038122f0/export</id>
    <title>635ed5e7-7c90-4903-9543-eecb038122f0</title>
    <updated>2026-07-04T21:11:18.590412+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "635ed5e7-7c90-4903-9543-eecb038122f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23870", "type": "seen", "source": "https://t.me/GithubRedTeam/84090", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a nextjs-cve-2026-23870-checker\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a emresandikci\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-13 14:50:14\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nChecker and fixer for all 13 vulnerabilities in the Next.js May 2026 security release (CVE-2026-23870)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-13T15:00:06.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/635ed5e7-7c90-4903-9543-eecb038122f0/export"/>
    <published>2026-05-13T15:00:06+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/23d85e20-567d-4372-8991-129683ec5c03/export</id>
    <title>23d85e20-567d-4372-8991-129683ec5c03</title>
    <updated>2026-07-04T21:11:18.590520+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "23d85e20-567d-4372-8991-129683ec5c03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23870", "type": "published-proof-of-concept", "source": "https://t.me/htfgtps/1107", "content": "CVE-2026-23870, CVE-2026-44575, CVE-2026-44579, CVE-\n2026-44574, CVE-2026-44578, CVE-2026-44573, CVE-2026-\n44581, CVE-2026-44580, CVE-2026-44577, CVE-2026-44576,\nCVE-2026-44582, CVE-2026-44572\nhttps://github.com/dwisiswant0/next-16.2.4-pocs", "creation_timestamp": "2026-05-11T06:42:58.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/23d85e20-567d-4372-8991-129683ec5c03/export"/>
    <published>2026-05-11T06:42:58+00:00</published>
  </entry>
</feed>
