<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-04T13:09:33.693644+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/706c3fa0-f356-4e6a-bce8-bcefbc77716d/export</id>
    <title>706c3fa0-f356-4e6a-bce8-bcefbc77716d</title>
    <updated>2026-07-04T13:09:33.746080+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "706c3fa0-f356-4e6a-bce8-bcefbc77716d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56085", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mps74k2ypd2f", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-56085 \u0432 Dell PowerProtect Data Domain: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u043c\u0435\u0440\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/333E8630-A5FE-4AEB-881E-548D09513BFD", "creation_timestamp": "2026-07-04T04:13:55.886918Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/706c3fa0-f356-4e6a-bce8-bcefbc77716d/export"/>
    <published>2026-07-04T04:13:55.886918+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bb8c4291-b1ca-4578-9282-b345eab5bd48/export</id>
    <title>bb8c4291-b1ca-4578-9282-b345eab5bd48</title>
    <updated>2026-07-04T13:09:33.747602+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "bb8c4291-b1ca-4578-9282-b345eab5bd48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56085", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpqp7ftpuz2u", "content": "CVE-2026-56085 - Dell PowerProtect Data Domain Use of Uninitialized Resource Information Exposure\nCVE ID : CVE-2026-56085\n \n Published : July 3, 2026, 12:46 p.m. | 1\u00a0hour ago\n \n Description : Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version ...", "creation_timestamp": "2026-07-03T13:56:32.337283Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bb8c4291-b1ca-4578-9282-b345eab5bd48/export"/>
    <published>2026-07-03T13:56:32.337283+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/8b78b8cf-ea67-453e-a8d2-12105361052a/export</id>
    <title>8b78b8cf-ea67-453e-a8d2-12105361052a</title>
    <updated>2026-07-04T13:09:33.747736+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "8b78b8cf-ea67-453e-a8d2-12105361052a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56081", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motn4eopoq2r", "content": "\ud83d\udea8  ALERT: CVE-2026-56081\n\nCVSS 9.1/10\n\n\ud83d\udccb WHAT IT IS:\nCap-go before 12.128.2 contains an authentication logic flaw that lets an attacker register and control an account bound to a victim's email address before that email is verified. By enabling two-factor authentication on the pre-registered account", "creation_timestamp": "2026-06-22T00:31:50.668051Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/8b78b8cf-ea67-453e-a8d2-12105361052a/export"/>
    <published>2026-06-22T00:31:50.668051+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3bdc1313-e846-47d5-90c4-bf45263a091e/export</id>
    <title>3bdc1313-e846-47d5-90c4-bf45263a091e</title>
    <updated>2026-07-04T13:09:33.747846+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3bdc1313-e846-47d5-90c4-bf45263a091e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56081", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3moophetydg2v", "content": "Cap-go capgo &amp;lt;12.128.2 suffers a CRITICAL bug (CVE-2026-56081): attackers can hijack accounts via unverified email sign-up and 2FA. No patch \u2014 monitor for suspicious registrations. https://radar.offseq.com/threat/cve-2026-56081-weak-password-recovery-mechanism-fo-0cc6e5efaf2e4722 #OffSeq #CVE2026...", "creation_timestamp": "2026-06-20T01:30:29.292143Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3bdc1313-e846-47d5-90c4-bf45263a091e/export"/>
    <published>2026-06-20T01:30:29.292143+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/2b98c865-4568-4331-ace2-bb2cf648a1f5/export</id>
    <title>2b98c865-4568-4331-ace2-bb2cf648a1f5</title>
    <updated>2026-07-04T13:09:33.747949+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "2b98c865-4568-4331-ace2-bb2cf648a1f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56081", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116779845313984813", "content": "CRITICAL: Cap-go capgo (&amp;lt;12.128.2) hit by CVE-2026-56081. Attackers can register with victim emails pre-verification, enable 2FA, and fully take over accounts \u2014 including org policy control. No patch confirmed. Monitor new signups. https://radar.offseq.com/threat/cve-2026-56081-weak-password-recovery-mechanism-fo-0cc6e5efaf2e4722 #OffSeq #CVE202656081 #Infosec", "creation_timestamp": "2026-06-20T01:30:27.887993Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/2b98c865-4568-4331-ace2-bb2cf648a1f5/export"/>
    <published>2026-06-20T01:30:27.887993+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7351c6d4-95e7-42b1-9648-34340b5dcc74/export</id>
    <title>7351c6d4-95e7-42b1-9648-34340b5dcc74</title>
    <updated>2026-07-04T13:09:33.748054+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "7351c6d4-95e7-42b1-9648-34340b5dcc74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56082", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moonsslcpx2x", "content": "\ud83d\udfe0 CVE-2026-56082 - High (7.5)\n\nCapgo (Cap-go/capgo) before 12.128.2 contains an improper access control vulnerability in the SEC...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-56082/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-20T01:01:13.355089Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7351c6d4-95e7-42b1-9648-34340b5dcc74/export"/>
    <published>2026-06-20T01:01:13.355089+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/32cf7832-b347-4a5c-a8ba-e908aae07d0b/export</id>
    <title>32cf7832-b347-4a5c-a8ba-e908aae07d0b</title>
    <updated>2026-07-04T13:09:33.748160+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "32cf7832-b347-4a5c-a8ba-e908aae07d0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56081", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moonslcm672y", "content": "\ud83d\udd34 CVE-2026-56081 - Critical (9.1)\n\nCap-go before 12.128.2 contains an authentication logic flaw that lets an attacker register and c...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-56081/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-20T01:01:10.829262Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/32cf7832-b347-4a5c-a8ba-e908aae07d0b/export"/>
    <published>2026-06-20T01:01:10.829262+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/77b0ca8e-1e6d-4062-bc76-3e6f8a3f1fb3/export</id>
    <title>77b0ca8e-1e6d-4062-bc76-3e6f8a3f1fb3</title>
    <updated>2026-07-04T13:09:33.748260+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "77b0ca8e-1e6d-4062-bc76-3e6f8a3f1fb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56082", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mooifngnaj2q", "content": "CVE-2026-56082 - Supabase - Unauthenticated Cross-Tenant Billing Log Tampering via public.record_build_time RPC\nCVE ID : CVE-2026-56082\n \n Published : June 19, 2026, 9:39 p.m. | 1\u00a0hour, 30\u00a0minutes ago\n \n Description : Capgo (Cap-go/capgo) before 12.128.2 contains an improper a...", "creation_timestamp": "2026-06-19T23:24:14.273281Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/77b0ca8e-1e6d-4062-bc76-3e6f8a3f1fb3/export"/>
    <published>2026-06-19T23:24:14.273281+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f1dddeff-3515-402c-8309-e5fa5505e9b5/export</id>
    <title>f1dddeff-3515-402c-8309-e5fa5505e9b5</title>
    <updated>2026-07-04T13:09:33.748362+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f1dddeff-3515-402c-8309-e5fa5505e9b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56081", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mooi4ovvat2e", "content": "CVE-2026-56081 - Cap-go - Account Lockout via 2FA Misconfiguration on Unverified Email\nCVE ID : CVE-2026-56081\n \n Published : June 19, 2026, 9:39 p.m. | 1\u00a0hour, 30\u00a0minutes ago\n \n Description : Cap-go before 12.128.2 contains an authentication logic flaw that lets an attacker r...", "creation_timestamp": "2026-06-19T23:19:14.080129Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f1dddeff-3515-402c-8309-e5fa5505e9b5/export"/>
    <published>2026-06-19T23:19:14.080129+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/cae97d27-77dd-4457-a185-98369fd1f009/export</id>
    <title>cae97d27-77dd-4457-a185-98369fd1f009</title>
    <updated>2026-07-04T13:09:33.748459+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "cae97d27-77dd-4457-a185-98369fd1f009", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5608", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mky66i56tz25", "content": "\ud83d\udccc CVE-2026-5608 - A vulnerability was detected in Belkin F9K1122 1.00.33. Affected is the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of ... https://www.cyberhub.blog/cves/CVE-2026-5608", "creation_timestamp": "2026-05-03T22:07:07.616459Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/cae97d27-77dd-4457-a185-98369fd1f009/export"/>
    <published>2026-05-03T22:07:07.616459+00:00</published>
  </entry>
</feed>
