<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-04T18:57:20.151347+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3d1ba36a-7ec6-48e9-8255-014c82f4c1a4/export</id>
    <title>3d1ba36a-7ec6-48e9-8255-014c82f4c1a4</title>
    <updated>2026-07-04T18:57:20.178237+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3d1ba36a-7ec6-48e9-8255-014c82f4c1a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/netalexx.bsky.social/post/3mpszfmkkxc2i", "content": "phpBB PTT-2026-004 (CVE-2026-48611) requires a single unauthenticated HTTP request and works on default phpBB installations. PTT-2026-005 (CVE-2026-48612) requires phpBB to have OAuth configured", "creation_timestamp": "2026-07-04T12:04:19.673743Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3d1ba36a-7ec6-48e9-8255-014c82f4c1a4/export"/>
    <published>2026-07-04T12:04:19.673743+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/195ee082-8598-46f1-948a-8df61571c3dc/export</id>
    <title>195ee082-8598-46f1-948a-8df61571c3dc</title>
    <updated>2026-07-04T18:57:20.180709+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "195ee082-8598-46f1-948a-8df61571c3dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3mpsqqpiqcc2k", "content": "\ud83d\udc49 PTT-2026-004 (CVE-2026-48611, 9.4): the PoC shows the full path from a single crafted request to a valid admin session. No credentials that work, no prior access, no user interaction. Just the request and the session cookie that _shouldn't_ exist.\n\nAND", "creation_timestamp": "2026-07-04T09:29:30.084249Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/195ee082-8598-46f1-948a-8df61571c3dc/export"/>
    <published>2026-07-04T09:29:30.084249+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/058122fe-b188-49bb-bda8-a9844b365d0e/export</id>
    <title>058122fe-b188-49bb-bda8-a9844b365d0e</title>
    <updated>2026-07-04T18:57:20.180940+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "058122fe-b188-49bb-bda8-a9844b365d0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3mpsqqogfo22k", "content": "\ud83d\udc49 PTT-2026-004 (CVE-2026-48611, 9.4): the PoC shows the full path from a single crafted request to a valid admin session. No credentials that work, no prior access, no user interaction. Just the request and the session cookie that _shouldn't_ exist.\n\nAND", "creation_timestamp": "2026-07-04T09:29:29.216939Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/058122fe-b188-49bb-bda8-a9844b365d0e/export"/>
    <published>2026-07-04T09:29:29.216939+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/8a20348a-ba0c-4101-ac56-1389b9d5abb4/export</id>
    <title>8a20348a-ba0c-4101-ac56-1389b9d5abb4</title>
    <updated>2026-07-04T18:57:20.181143+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "8a20348a-ba0c-4101-ac56-1389b9d5abb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3mpsqqmdovk2k", "content": "\ud83d\udc49 PTT-2026-004 (CVE-2026-48611, 9.4): the PoC shows the full path from a single crafted request to a valid admin session. No credentials that work, no prior access, no user interaction. Just the request and the session cookie that _shouldn't_ exist.\n\nAND", "creation_timestamp": "2026-07-04T09:29:28.358277Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/8a20348a-ba0c-4101-ac56-1389b9d5abb4/export"/>
    <published>2026-07-04T09:29:28.358277+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b2af75be-7bee-4ddc-aada-4b258ec4f3fa/export</id>
    <title>b2af75be-7bee-4ddc-aada-4b258ec4f3fa</title>
    <updated>2026-07-04T18:57:20.181336+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "b2af75be-7bee-4ddc-aada-4b258ec4f3fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48611", "type": "published-proof-of-concept", "source": "https://www.aikido.dev/blog/authentication-bypass-phpbb-technical-writeup", "content": "", "creation_timestamp": "2026-07-03T04:00:54.957519Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b2af75be-7bee-4ddc-aada-4b258ec4f3fa/export"/>
    <published>2026-07-03T04:00:54.957519+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/eafd2b2b-58c3-452a-8809-b3c12bc6ed8f/export</id>
    <title>eafd2b2b-58c3-452a-8809-b3c12bc6ed8f</title>
    <updated>2026-07-04T18:57:20.182901+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "eafd2b2b-58c3-452a-8809-b3c12bc6ed8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/ROllerozxa.hachyderm.io.ap.brid.gy/post/3mo4fv2jki6o2", "content": "Apparently there is a critical #phpBB vulnerability (CVE-2026-48611) that allows anyone to hijack user accounts on any forum with a vulnerable version that has mostly flown under the radar. Someone on a forum I frequent managed to log into the admin account to demonstrate it.\n\nThe fix seems to [\u2026]", "creation_timestamp": "2026-06-12T18:51:21.894384Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/eafd2b2b-58c3-452a-8809-b3c12bc6ed8f/export"/>
    <published>2026-06-12T18:51:21.894384+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/35ca5189-c5fd-459b-9810-306d1bc3f230/export</id>
    <title>35ca5189-c5fd-459b-9810-306d1bc3f230</title>
    <updated>2026-07-04T18:57:20.183107+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "35ca5189-c5fd-459b-9810-306d1bc3f230", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mo2zi7lj7g2b", "content": "CVE-2026-48611 - Google OAuth Account Hijacking Vulnerability\nCVE ID : CVE-2026-48611\n \n Published : June 12, 2026, 4:17 a.m. | 49\u00a0minutes ago\n \n Description : Improper authentication checks in the OAuth implementation allow account hijacking even when OAuth is not configured ...", "creation_timestamp": "2026-06-12T05:36:39.457402Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/35ca5189-c5fd-459b-9810-306d1bc3f230/export"/>
    <published>2026-06-12T05:36:39.457402+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7a52740a-98bb-4653-834b-90d8105a51f3/export</id>
    <title>7a52740a-98bb-4653-834b-90d8105a51f3</title>
    <updated>2026-07-04T18:57:20.183280+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "7a52740a-98bb-4653-834b-90d8105a51f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mo2xhfwjef24", "content": "\ud83d\udd34 CVE-2026-48611 - Critical (9.8)\n\nImproper authentication checks in the OAuth implementation allow account hijacking even when OAut...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-48611/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-12T05:00:25.771993Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7a52740a-98bb-4653-834b-90d8105a51f3/export"/>
    <published>2026-06-12T05:00:25.771993+00:00</published>
  </entry>
</feed>
