<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-12T01:29:30.638102+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bd8a9b11-0774-4d94-90ed-8c5c0fa63335/export</id>
    <title>bd8a9b11-0774-4d94-90ed-8c5c0fa63335</title>
    <updated>2026-07-12T01:29:30.658267+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "bd8a9b11-0774-4d94-90ed-8c5c0fa63335", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59828", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqawjvldsi2e", "content": "CVE-2026-59828 - Discourse: Hidden post revisions leak through adjacent visible diffs\nCVE ID : CVE-2026-59828\n \n Published : July 9, 2026, 10:17 p.m. | 1\u00a0hour, 31\u00a0minutes ago\n \n Description : Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4....", "creation_timestamp": "2026-07-10T00:50:16.498337Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bd8a9b11-0774-4d94-90ed-8c5c0fa63335/export"/>
    <published>2026-07-10T00:50:16.498337+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/20183eb3-8d6e-4d4c-bb3e-7242cdeb1abb/export</id>
    <title>20183eb3-8d6e-4d4c-bb3e-7242cdeb1abb</title>
    <updated>2026-07-12T01:29:30.660008+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "20183eb3-8d6e-4d4c-bb3e-7242cdeb1abb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59827", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqadsdolzn2x", "content": "CVE-2026-59827 - Metabase: Unsafe Deserialization of H2 Query Results\nCVE ID : CVE-2026-59827\n \n Published : July 9, 2026, 6:16 p.m. | 15\u00a0minutes ago\n \n Description : Metabase is an open-source business intelligence and embedded analytics tool. Prior to 1.58.15, 1.59.12, 1.60....", "creation_timestamp": "2026-07-09T19:14:58.553296Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/20183eb3-8d6e-4d4c-bb3e-7242cdeb1abb/export"/>
    <published>2026-07-09T19:14:58.553296+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/58316356-8c5f-4e24-9283-163ed5d5c406/export</id>
    <title>58316356-8c5f-4e24-9283-163ed5d5c406</title>
    <updated>2026-07-12T01:29:30.660147+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "58316356-8c5f-4e24-9283-163ed5d5c406", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59826", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqabz6y7ax27", "content": "CVE-2026-59826 - Metabase: Arbitrary Code Execution via Database Connection Detail Bypass\nCVE ID : CVE-2026-59826\n \n Published : July 9, 2026, 6:16 p.m. | 15\u00a0minutes ago\n \n Description : Metabase is an open-source business intelligence and embedded analytics tool. From 1.55.0 ...", "creation_timestamp": "2026-07-09T18:43:01.085609Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/58316356-8c5f-4e24-9283-163ed5d5c406/export"/>
    <published>2026-07-09T18:43:01.085609+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c3af38e5-f0e6-4a75-9352-6d932fba8f51/export</id>
    <title>c3af38e5-f0e6-4a75-9352-6d932fba8f51</title>
    <updated>2026-07-12T01:29:30.660272+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c3af38e5-f0e6-4a75-9352-6d932fba8f51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59826", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqab6hpfet2r", "content": "CVE-2026-59826 - metabase\nAn authenticated administrator can run unauthorized code on your Metabase server. This is a risk because it could be used to steal sensitive data or disrupt your business. To protect\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#metabase #CVE #infosec", "creation_timestamp": "2026-07-09T18:28:04.385470Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c3af38e5-f0e6-4a75-9352-6d932fba8f51/export"/>
    <published>2026-07-09T18:28:04.385470+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f48d48f2-fc7d-45f9-876b-d3c8436feb49/export</id>
    <title>f48d48f2-fc7d-45f9-876b-d3c8436feb49</title>
    <updated>2026-07-12T01:29:30.660377+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f48d48f2-fc7d-45f9-876b-d3c8436feb49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59827", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqab2wousj2w", "content": "CVE-2026-59827 - metabase\nMetabase business intelligence tool is affected. If an attacker can run H2 database queries, they may be able to execute code on the server. Update to version 1.58.15, 1.59.12, 1.60.6.3, or\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#metabase #CVE #infosec", "creation_timestamp": "2026-07-09T18:26:05.800383Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f48d48f2-fc7d-45f9-876b-d3c8436feb49/export"/>
    <published>2026-07-09T18:26:05.800383+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bda1fb1b-a6dc-4ad6-9584-4d4675d0632f/export</id>
    <title>bda1fb1b-a6dc-4ad6-9584-4d4675d0632f</title>
    <updated>2026-07-12T01:29:30.660484+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "bda1fb1b-a6dc-4ad6-9584-4d4675d0632f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-59821", "type": "seen", "source": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-59821", "content": "", "creation_timestamp": "2026-07-09T00:15:19.180104Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bda1fb1b-a6dc-4ad6-9584-4d4675d0632f/export"/>
    <published>2026-07-09T00:15:19.180104+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/581c2815-106c-4f55-921b-6a157b466587/export</id>
    <title>581c2815-106c-4f55-921b-6a157b466587</title>
    <updated>2026-07-12T01:29:30.662896+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "581c2815-106c-4f55-921b-6a157b466587", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-59820", "type": "seen", "source": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-59820", "content": "", "creation_timestamp": "2026-07-09T00:15:16.890153Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/581c2815-106c-4f55-921b-6a157b466587/export"/>
    <published>2026-07-09T00:15:16.890153+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c4d9ee70-89db-4d93-b067-9856c71e6771/export</id>
    <title>c4d9ee70-89db-4d93-b067-9856c71e6771</title>
    <updated>2026-07-12T01:29:30.663033+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "c4d9ee70-89db-4d93-b067-9856c71e6771", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-59822", "type": "seen", "source": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-59822", "content": "", "creation_timestamp": "2026-07-09T00:15:14.416515Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c4d9ee70-89db-4d93-b067-9856c71e6771/export"/>
    <published>2026-07-09T00:15:14.416515+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3acd1104-2561-4d97-8df1-224d479bba62/export</id>
    <title>3acd1104-2561-4d97-8df1-224d479bba62</title>
    <updated>2026-07-12T01:29:30.663139+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3acd1104-2561-4d97-8df1-224d479bba62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59822", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq63fj6aid2g", "content": "CVE-2026-59822 - LiteLLM: MCP Authentication Bypass via OAuth2 Passthrough Fallback\nCVE ID : CVE-2026-59822\n \n Published : July 8, 2026, 8:16 p.m. | 58\u00a0minutes ago\n \n Description : LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1...", "creation_timestamp": "2026-07-08T21:39:18.889161Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3acd1104-2561-4d97-8df1-224d479bba62/export"/>
    <published>2026-07-08T21:39:18.889161+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6ea56454-053d-40cf-b7fc-f5a97b11107d/export</id>
    <title>6ea56454-053d-40cf-b7fc-f5a97b11107d</title>
    <updated>2026-07-12T01:29:30.663246+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6ea56454-053d-40cf-b7fc-f5a97b11107d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5982", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mmqibwr4hx25", "content": "\ud83d\udccc CVE-2026-5982 - A vulnerability was found in D-Link DIR-605L 2.13B01. This vulnerability affects the function formAdvNetwork of the file /goform/formAdvNetwork of the... https://www.cyberhub.blog/cves/CVE-2026-5982", "creation_timestamp": "2026-05-26T07:37:06.395018Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6ea56454-053d-40cf-b7fc-f5a97b11107d/export"/>
    <published>2026-05-26T07:37:06.395018+00:00</published>
  </entry>
</feed>
