<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-17T22:55:06.873066+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c9fe9e68-ad0d-4c02-b043-d119391233ad/export</id>
    <title>c9fe9e68-ad0d-4c02-b043-d119391233ad</title>
    <updated>2026-07-17T22:55:06.895336+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c9fe9e68-ad0d-4c02-b043-d119391233ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46621", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqrxcl3oag2n", "content": "CVE-2026-46621 - Yamcs: Authenticated Remote Code Execution (RCE) via Jython Algorithm Code Injection\nCVE ID : CVE-2026-46621\n \n Published : July 16, 2026, 5:16 p.m. | 1\u00a0hour, 17\u00a0minutes ago\n \n Description : Yamcs is a mission control framework. Prior to 5.12.7, the Yamcs scri...", "creation_timestamp": "2026-07-16T19:19:19.786906Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c9fe9e68-ad0d-4c02-b043-d119391233ad/export"/>
    <published>2026-07-16T19:19:19.786906+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/721148ec-814f-4e8a-88ec-f61dfd588c21/export</id>
    <title>721148ec-814f-4e8a-88ec-f61dfd588c21</title>
    <updated>2026-07-17T22:55:06.898146+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "721148ec-814f-4e8a-88ec-f61dfd588c21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46621", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqroqkzgbc2j", "content": "CVE-2026-46621 - org.yamcs:yamcs-core\nAn attacker with permission to update mission databases can exploit Yamcs by inserting malicious code into Python algorithms. This allows them to run commands on the server,\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#yamcs #Java #CVE #infosec", "creation_timestamp": "2026-07-16T16:46:05.807082Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/721148ec-814f-4e8a-88ec-f61dfd588c21/export"/>
    <published>2026-07-16T16:46:05.807082+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/31920c73-212e-45e0-8aa4-023c3fd9bf68/export</id>
    <title>31920c73-212e-45e0-8aa4-023c3fd9bf68</title>
    <updated>2026-07-17T22:55:06.898471+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "31920c73-212e-45e0-8aa4-023c3fd9bf68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46622", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moc3io7van2x", "content": "\ud83d\udfe0 CVE-2026-46622 - High (8.1)\n\nSolidInvoice is an open-source invoicing platform. Prior to version 2.3.17, API tokens used to au...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-46622/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-15T01:01:21.272118Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/31920c73-212e-45e0-8aa4-023c3fd9bf68/export"/>
    <published>2026-06-15T01:01:21.272118+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ae625fb0-1f1d-45a3-ad4e-ced3f120bb6d/export</id>
    <title>ae625fb0-1f1d-45a3-ad4e-ced3f120bb6d</title>
    <updated>2026-07-17T22:55:06.898657+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ae625fb0-1f1d-45a3-ad4e-ced3f120bb6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46622", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mo26xyzixc2d", "content": "CVE-2026-46622 - SolidInvoice: API tokens stored as plaintext in the database allowing full credential compromise on database breach\nCVE ID : CVE-2026-46622\n \n Published : June 11, 2026, 8:16 p.m. | 1\u00a0hour, 3\u00a0minutes ago\n \n Description : SolidInvoice is an open-source invoicin...", "creation_timestamp": "2026-06-11T21:42:18.277180Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ae625fb0-1f1d-45a3-ad4e-ced3f120bb6d/export"/>
    <published>2026-06-11T21:42:18.277180+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/45a9a976-95a4-4ff2-9ba2-b7d412666871/export</id>
    <title>45a9a976-95a4-4ff2-9ba2-b7d412666871</title>
    <updated>2026-07-17T22:55:06.898770+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "45a9a976-95a4-4ff2-9ba2-b7d412666871", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46625", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mnxtfp7clr23", "content": "CVE-2026-46625 - Prototype Pollution in js-cookie &amp;lt; 3.0.7. CVSS 7.5. Unpatched. Hijacks Object.prototype via __proto__ assignment. Update immediately. #CVE #JavaScript #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-46625/", "creation_timestamp": "2026-06-10T23:09:53.292225Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/45a9a976-95a4-4ff2-9ba2-b7d412666871/export"/>
    <published>2026-06-10T23:09:53.292225+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ef32c352-1ca9-4b93-9fdc-478e955ba6c5/export</id>
    <title>ef32c352-1ca9-4b93-9fdc-478e955ba6c5</title>
    <updated>2026-07-17T22:55:06.898880+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ef32c352-1ca9-4b93-9fdc-478e955ba6c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46624", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mmtwwhceoy2u", "content": "\ud83d\udccc CVE-2026-46624 - Twenty is an open source CRM. From 1.7.7 through 1.16.7, a critical Remote Code Execution (RCE) vulnerability exists in Twenty CRM via a chained SQL I... https://www.cyberhub.blog/cves/CVE-2026-46624", "creation_timestamp": "2026-05-27T16:37:41.423142Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ef32c352-1ca9-4b93-9fdc-478e955ba6c5/export"/>
    <published>2026-05-27T16:37:41.423142+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b45c9928-8252-47af-82f8-f3756ade7810/export</id>
    <title>b45c9928-8252-47af-82f8-f3756ade7810</title>
    <updated>2026-07-17T22:55:06.898981+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "b45c9928-8252-47af-82f8-f3756ade7810", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-46621", "type": "published-proof-of-concept", "source": "https://github.com/yamcs/yamcs/security/advisories/GHSA-2g95-6x5q-xjwj", "content": "", "creation_timestamp": "2026-05-21T15:02:27.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b45c9928-8252-47af-82f8-f3756ade7810/export"/>
    <published>2026-05-21T15:02:27+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b399e528-6ee0-424a-b777-bb047a4643df/export</id>
    <title>b399e528-6ee0-424a-b777-bb047a4643df</title>
    <updated>2026-07-17T22:55:06.900590+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b399e528-6ee0-424a-b777-bb047a4643df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46626", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmc3qc4eg22q", "content": "\ud83d\udd17 CVE : CVE-2026-45070, CVE-2026-45077, CVE-2026-45304, CVE-2026-45305, CVE-2026-45753, CVE-2026-45754, CVE-2026-45755, CVE-2026-45756, CVE-2026-46626, CVE-2026-47212", "creation_timestamp": "2026-05-20T14:15:13.876320Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b399e528-6ee0-424a-b777-bb047a4643df/export"/>
    <published>2026-05-20T14:15:13.876320+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/5209fcfc-d9bb-47c1-b62e-58291f15df6f/export</id>
    <title>5209fcfc-d9bb-47c1-b62e-58291f15df6f</title>
    <updated>2026-07-17T22:55:06.900728+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "5209fcfc-d9bb-47c1-b62e-58291f15df6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46626", "type": "seen", "source": "https://bsky.app/profile/symfony.com/post/3mmbqwtodhw2b", "content": "\ud83d\udd10 CVE-2026-46626: SymfonyRuntime CVE-2024-50340 Patch Bypass via parse_str/SAPI Argv Mismatch\n\u27a1\ufe0f https://symfony.com/blog/cve-2026-46626-symfonyruntime-cve-2024-50340-patch-bypass-via-parse-str-sapi-argv-mismatch", "creation_timestamp": "2026-05-20T11:02:01.159613Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/5209fcfc-d9bb-47c1-b62e-58291f15df6f/export"/>
    <published>2026-05-20T11:02:01.159613+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/961f8605-4db2-49b4-805a-6a98e74d612c/export</id>
    <title>961f8605-4db2-49b4-805a-6a98e74d612c</title>
    <updated>2026-07-17T22:55:06.900830+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "961f8605-4db2-49b4-805a-6a98e74d612c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46627", "type": "seen", "source": "https://bsky.app/profile/symfony.com/post/3mmbpa5zf3m2v", "content": "\ud83d\udd10 CVE-2026-46627: Sandbox does not protect against resource exhaustion\n\u27a1\ufe0f https://symfony.com/blog/cve-2026-46627-sandbox-does-not-protect-against-resource-exhaustion", "creation_timestamp": "2026-05-20T10:31:26.743891Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/961f8605-4db2-49b4-805a-6a98e74d612c/export"/>
    <published>2026-05-20T10:31:26.743891+00:00</published>
  </entry>
</feed>
