Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-14T23:58:41.200070+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/d14dbcae-dd61-48a1-9816-3dc6116bc0f9/export d14dbcae-dd61-48a1-9816-3dc6116bc0f9 2026-06-14T23:58:41.548921+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "d14dbcae-dd61-48a1-9816-3dc6116bc0f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41948", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116599359441666989", "content": "\ud83d\udea8 CRITICAL: CVE-2026-41948 in langgenius Dify \u22641.14.1 enables authenticated users to bypass tenant path restrictions and access internal REST API endpoints. No patch yet \u2014 restrict API access & monitor logs. Details: https://radar.offseq.com/threat/cve-2026-41948-relative-path-traversal-in-langgeni-65e19181 #OffSeq #vulnerability #infosec", "creation_timestamp": "2026-05-19T04:30:31.475799Z"} 2026-05-19T04:30:31.475799+00:00 https://vulnerability.circl.lu/sighting/a90f424b-35d4-4902-beab-2b409afac895/export a90f424b-35d4-4902-beab-2b409afac895 2026-06-14T23:58:41.548754+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "a90f424b-35d4-4902-beab-2b409afac895", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41948", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116601058386037204", "content": "Some increased actor activities are shown targeting langgenius dify (CVE-2026-41948) https://vuldb.com/vuln/364479/cti", "creation_timestamp": "2026-05-19T11:42:34.853421Z"} 2026-05-19T11:42:34.853421+00:00 https://vulnerability.circl.lu/sighting/a8acbeb9-53be-415f-9162-3c831eae641d/export a8acbeb9-53be-415f-9162-3c831eae641d 2026-06-14T23:58:41.548528+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "a8acbeb9-53be-415f-9162-3c831eae641d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41948", "type": "seen", "source": "https://bsky.app/profile/keiwork35.bsky.social/post/3mn5g36dibt2g", "content": "\u3010\u8106\u5f31\u6027\u60c5\u5831\u3011 CVE-2026-41948 Dify 1.14.1\u304a\u3088\u3073\u305d\u308c\u4ee5\u524d\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\n\nDify\u306e\u30d0\u30fc\u30b8\u30e7\u30f31.14.1\u304a\u3088\u3073\u305d\u308c\u4ee5\u524d\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u306b\u306f\u3001\u8a8d\u8a3c\u3055\u308c\u305f\u30e6\u30fc\u30b6\u30fc\u304cPlugin Daemon\u306e\u5185\u90e8REST API\u306b\u8ee2\u9001\u3055\u308c\u308b\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u64cd\u4f5c\u3067\u304d\u308b\u30d1\u30b9\u30fb\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u306e\u8106\u5f31\u6027\u304c\u3042\u308a\u307e\u3059\u3002", "creation_timestamp": "2026-05-31T11:02:08.432753Z"} 2026-05-31T11:02:08.432753+00:00 https://vulnerability.circl.lu/sighting/5cda7478-b824-4a4e-a932-c28ca239e543/export 5cda7478-b824-4a4e-a932-c28ca239e543 2026-06-14T23:58:41.546171+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "5cda7478-b824-4a4e-a932-c28ca239e543", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41948", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mnuxvice4k2o", "content": "LLM\u30a2\u30d7\u30ea\u958b\u767a\u57fa\u76e4\u300cDify\u300d\u306b\u8907\u6570\u306e\u30af\u30ea\u30c6\u30a3\u30ab\u30eb\u8106\u5f31\u6027\n\n\u5927\u898f\u6a21\u8a00\u8a9e\u30e2\u30c7\u30eb\uff08LLM\uff09\u30a2\u30d7\u30ea\u958b\u767a\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\u300cDify\u300d\u306b\u60c5\u5831\u6f0f\u6d29\u3084\u8a2d\u5b9a\u306e\u6539\u3056\u3093\u306a\u3069\u8907\u6570\u306e\u8106\u5f31\u6027\u304c\u660e\u3089\u304b\u3068\u306a\u3063\u305f\u3002\n\n...\n\n\u300cCVE-2026-41948\u300d\u306f\u3001Plugin\u30c7\u30fc\u30e2\u30f3\u306e\u300cREST API\u300d\u306b\u304a\u3044\u3066\u8ee2\u9001\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u64cd\u4f5c\u3067\u304d\u308b\u30d1\u30b9\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u306e\u8106\u5f31\u6027\u3002\u30c6\u30ca\u30f3\u30c8\u306eUUID\u3092\u628a\u63e1\u3057\u3066\u3044\u308b\u5834\u5408\u306b\u3001\u30bf\u30b9\u30af\u8b58\u5225\u5b50\u3084\u30d5\u30a1\u30a4\u30eb\u540d\u30d1\u30e9\u30e1\u30fc\u30bf\u3092\u7d30\u5de5\u3057\u3066\u5185\u90e8\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u3078\u30a2\u30af\u30bb\u30b9\u3055\u308c\u308b\u304a\u305d\u308c\u304c\u3042\u308b\u3002\n\n\u300cCVE-2026-41947\u300d\u306f\u3001\u7de8\u96c6\u8005\u6a29\u9650\u306b\u304a\u3051\u308b\u8a8d\u53ef\u30d0\u30a4\u30d1\u30b9\u306e\u8106\u5f31\u6027\u3002\u30c8\u30ec\u30fc\u30b9\u8a2d\u5b9a\u306e\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u306b\u304a\u3051\u308b\u30c6\u30ca\u30f3\u30c8\u6240...", "creation_timestamp": "2026-06-09T19:52:19.294237Z"} 2026-06-09T19:52:19.294237+00:00