Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-25T01:40:58.483400+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/16fa22c9-ad7c-44a0-a5c4-025bb5c65836/export 16fa22c9-ad7c-44a0-a5c4-025bb5c65836 2026-06-25T01:40:58.501720+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "16fa22c9-ad7c-44a0-a5c4-025bb5c65836", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/bf6acc59-fb29-4fa8-8d1c-f32c78f9f8f3", "content": "", "creation_timestamp": "2026-06-23T18:00:02.589393Z"} 2026-06-23T18:00:02.589393+00:00 https://vulnerability.circl.lu/sighting/69f3d3d4-bcfb-4982-bc4c-615541c205fe/export 69f3d3d4-bcfb-4982-bc4c-615541c205fe 2026-06-25T01:40:58.501655+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "69f3d3d4-bcfb-4982-bc4c-615541c205fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34909", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3moxyrlwezv2m", "content": "\ud83d\uded1 CVE-2026-34909\nUbiquiti UniFi OS\nCVSS 10.0 / EPSS 1% / KEV: No\nTL;DR: A malicious actor with access to the network could exploit a Path Traversal vulnerabilit\u2026\nhttps://cvesentinel.com/report/CVE-2026-34909?utm_source=bluesky&utm_medium=social&utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-06-23T18:11:12.920736Z"} 2026-06-23T18:11:12.920736+00:00 https://vulnerability.circl.lu/sighting/fc5fde66-33b5-4856-b825-1071b5c65b5e/export fc5fde66-33b5-4856-b825-1071b5c65b5e 2026-06-25T01:40:58.501588+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "fc5fde66-33b5-4856-b825-1071b5c65b5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6817244", "content": "2026-06-23: [CVE-2026-34908] Ubiquiti UniFi OS Improper Access Control VulnerabilityUbiquiti UniFi OS contains an improper access control vulnerability which could allow a malicious actor with access to the network to make unauthorized changes to the system.\ncisakev", "creation_timestamp": "2026-06-23T18:43:00.320273Z"} 2026-06-23T18:43:00.320273+00:00 https://vulnerability.circl.lu/sighting/7331b005-6192-41ad-ab4e-6976e3d5d208/export 7331b005-6192-41ad-ab4e-6976e3d5d208 2026-06-25T01:40:58.501513+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "7331b005-6192-41ad-ab4e-6976e3d5d208", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34909", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6817245", "content": "2026-06-23: [CVE-2026-34909] Ubiquiti UniFi OS Path Traversal VulnerabilityUbiquiti UniFi OS contains a path traversal vulnerability which could allow a malicious actor with access to the network to access files on the underlying system that could be manipulated to access an underlying account.\ncisakev", "creation_timestamp": "2026-06-23T18:43:01.422610Z"} 2026-06-23T18:43:01.422610+00:00 https://vulnerability.circl.lu/sighting/42611f6b-c1df-4f6f-837c-820d24c73ffe/export 42611f6b-c1df-4f6f-837c-820d24c73ffe 2026-06-25T01:40:58.501445+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "42611f6b-c1df-4f6f-837c-820d24c73ffe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116800974631729730", "content": "CISA has updated the KEV catalogue:\n- CVE-2026-34908: Ubiquiti UniFi OS Improper Access Control Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-34908\n- CVE-2026-34909: Ubiquiti UniFi OS Path Traversal Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-34909\n- CVE-2026-34910: Ubiquiti UniFi OS Improper Input Validation Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-34910\n- CVE-2025-67038: Lantronix EDS5000 Code Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-67038 #CISA #infosec #vulnerability", "creation_timestamp": "2026-06-23T19:03:54.837105Z"} 2026-06-23T19:03:54.837105+00:00 https://vulnerability.circl.lu/sighting/f2b607c5-c715-4663-a5c0-2b1d8217c417/export f2b607c5-c715-4663-a5c0-2b1d8217c417 2026-06-25T01:40:58.501374+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "f2b607c5-c715-4663-a5c0-2b1d8217c417", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34909", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116800974631729730", "content": "CISA has updated the KEV catalogue:\n- CVE-2026-34908: Ubiquiti UniFi OS Improper Access Control Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-34908\n- CVE-2026-34909: Ubiquiti UniFi OS Path Traversal Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-34909\n- CVE-2026-34910: Ubiquiti UniFi OS Improper Input Validation Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-34910\n- CVE-2025-67038: Lantronix EDS5000 Code Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-67038 #CISA #infosec #vulnerability", "creation_timestamp": "2026-06-23T19:03:54.878391Z"} 2026-06-23T19:03:54.878391+00:00 https://vulnerability.circl.lu/sighting/7cb56bc8-6441-4a40-8aa4-6b75c2eecded/export 7cb56bc8-6441-4a40-8aa4-6b75c2eecded 2026-06-25T01:40:58.501300+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "7cb56bc8-6441-4a40-8aa4-6b75c2eecded", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3moy6knfu2c2z", "content": "\ud83d\udd34 EXPLOITED\n\nPatched in May. Being exploited in June.\n\nIf you self-host UniFi OS Server, anyone who can reach its web page can get root with no login.\n\nUpdate to 5.0.8 now and lock down who can reach it. (CVE-2026-34908/909/910)", "creation_timestamp": "2026-06-23T19:54:42.525621Z"} 2026-06-23T19:54:42.525621+00:00 https://vulnerability.circl.lu/sighting/6b329ed0-1a0b-45e5-8749-c45797d7d246/export 6b329ed0-1a0b-45e5-8749-c45797d7d246 2026-06-25T01:40:58.501218+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "6b329ed0-1a0b-45e5-8749-c45797d7d246", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mozwu5rpct2w", "content": "Threat actors exploited three critical Ubiquiti UniFi OS vulnerabilities (CVE-2026-34908/34909/34910) to bypass authentication, access/manipulate files, and execute command injection.\n", "creation_timestamp": "2026-06-24T12:42:25.590280Z"} 2026-06-24T12:42:25.590280+00:00 https://vulnerability.circl.lu/sighting/0db9a27c-77c1-4a21-8c24-885758effb30/export 0db9a27c-77c1-4a21-8c24-885758effb30 2026-06-25T01:40:58.501118+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "0db9a27c-77c1-4a21-8c24-885758effb30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116805325963552354", "content": "CRITICAL UniFi OS vulnerabilities (CVE-2026-34908/09/10) allow remote, unauthenticated attackers to bypass auth and execute commands (pre-5.0.8). Exploited in the wild. Patch ASAP: https://radar.offseq.com/threat/critical-ubiquiti-vulnerabilities-in-attackers-cro-da638630474e46d7 #OffSeq #infosec #Ubiquiti #vulnerability", "creation_timestamp": "2026-06-24T13:30:31.472177Z"} 2026-06-24T13:30:31.472177+00:00 https://vulnerability.circl.lu/sighting/0c6c25e1-59ba-479d-88aa-4059c689923e/export 0c6c25e1-59ba-479d-88aa-4059c689923e 2026-06-25T01:40:58.499786+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "0c6c25e1-59ba-479d-88aa-4059c689923e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mp242uf3ov2y", "content": "CISA added 3 actively exploited Ubiquiti UniFi OS flaws, including CVE-2026-34908, -34909, and -34910. BishopFox says chained bugs can bypass auth, inject commands, and enable rogue admin creation. #Ubiquiti #UniFiOS #CISA", "creation_timestamp": "2026-06-24T14:15:24.622472Z"} 2026-06-24T14:15:24.622472+00:00