<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-10T20:32:38.273611+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/0be0150c-55da-491d-8302-5ee91567e889/export</id>
    <title>0be0150c-55da-491d-8302-5ee91567e889</title>
    <updated>2026-07-10T20:32:38.293183+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "0be0150c-55da-491d-8302-5ee91567e889", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-34038", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mq52efukpq2n", "content": "\u26a0\ufe0f CVSS 9.9. Authenticated remote command injection. That's not a typo.\n\nhttps://www.yazoul.net/advisory/cve/cve-2026-34038-coolify-rce-leaks-secrets-poc/\n\n#CVE #CyberSecurity", "creation_timestamp": "2026-07-08T11:48:08.951037Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/0be0150c-55da-491d-8302-5ee91567e889/export"/>
    <published>2026-07-08T11:48:08.951037+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/155f6350-3e54-4891-8c3f-6312d2a818f3/export</id>
    <title>155f6350-3e54-4891-8c3f-6312d2a818f3</title>
    <updated>2026-07-10T20:32:38.295101+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "155f6350-3e54-4891-8c3f-6312d2a818f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34038", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mq36shckli2n", "content": "CVSS 9.9. Authenticated remote command injection. Public exploit available.\n\nCVE-2026-34038.\n\nhttps://www.yazoul.net/news/article/attackers-exploit-simplehelp-cve-2026-48558-to-deploy-taskweaver-and-djinn-steal/\n\n#CyberSecurity #Security", "creation_timestamp": "2026-07-07T18:02:15.070624Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/155f6350-3e54-4891-8c3f-6312d2a818f3/export"/>
    <published>2026-07-07T18:02:15.070624+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bbe8c964-41fa-4c10-9ac8-b23858451098/export</id>
    <title>bbe8c964-41fa-4c10-9ac8-b23858451098</title>
    <updated>2026-07-10T20:32:38.295236+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "bbe8c964-41fa-4c10-9ac8-b23858451098", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34038", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mpz22rxij323", "content": "CVE-2026-34038 - coolify\nCoolify, a server management tool, had a security flaw that allowed users with permission to manage applications to access the server remotely and steal sensitive information.\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#coolify #coollabsio #CVE #infosec", "creation_timestamp": "2026-07-06T21:32:06.220996Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bbe8c964-41fa-4c10-9ac8-b23858451098/export"/>
    <published>2026-07-06T21:32:06.220996+00:00</published>
  </entry>
</feed>
