<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-10T10:00:08.533225+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/af6b0235-a29b-4e96-83a8-82ec19f0b3c4/export</id>
    <title>af6b0235-a29b-4e96-83a8-82ec19f0b3c4</title>
    <updated>2026-07-10T10:00:08.553080+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "af6b0235-a29b-4e96-83a8-82ec19f0b3c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4081", "type": "seen", "source": "https://t.me/cibsecurity/53227", "content": "\u203c CVE-2022-4081 \u203c\n\nA vulnerability classified as problematic was found in getseofix Show Visitor IP Address Widget and Shortcode Plugin. This vulnerability affects unknown code of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214048.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-20T16:36:30.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/af6b0235-a29b-4e96-83a8-82ec19f0b3c4/export"/>
    <published>2022-11-20T16:36:30+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/4305e5a4-995f-4ff8-8ccb-c16ecf13f834/export</id>
    <title>4305e5a4-995f-4ff8-8ccb-c16ecf13f834</title>
    <updated>2026-07-10T10:00:08.555777+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "4305e5a4-995f-4ff8-8ccb-c16ecf13f834", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40816", "type": "seen", "source": "https://t.me/cibsecurity/50550", "content": "\u203c CVE-2022-40816 \u203c\n\nZammad 5.2.1 is vulnerable to Incorrect Access Control. Zammad's asset handling mechanism has logic to ensure that customer users are not able to see personal information of other users. This logic was not effective when used through a web socket connection, so that a logged-in attacker would be able to fetch personal data of other users by querying the Zammad API. This issue is fixed in , 5.2.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-28T02:36:38.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/4305e5a4-995f-4ff8-8ccb-c16ecf13f834/export"/>
    <published>2022-09-28T02:36:38+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e38ff11a-5cc4-4bbb-860d-117f2a1d2012/export</id>
    <title>e38ff11a-5cc4-4bbb-860d-117f2a1d2012</title>
    <updated>2026-07-10T10:00:08.555924+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e38ff11a-5cc4-4bbb-860d-117f2a1d2012", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40817", "type": "seen", "source": "https://t.me/cibsecurity/50548", "content": "\u203c CVE-2022-40817 \u203c\n\nZammad 5.2.1 has a fine-grained permission model that allows to configure read-only access to tickets. However, agents were still wrongly able to perform some operations on such tickets, like adding and removing links, tags. and related answers. This issue has been fixed in 5.2.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-28T02:36:34.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e38ff11a-5cc4-4bbb-860d-117f2a1d2012/export"/>
    <published>2022-09-28T02:36:34+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/8da5051d-6b9d-4384-aafd-36cdbae7749b/export</id>
    <title>8da5051d-6b9d-4384-aafd-36cdbae7749b</title>
    <updated>2026-07-10T10:00:08.556041+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "8da5051d-6b9d-4384-aafd-36cdbae7749b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40811", "type": "seen", "source": "https://t.me/cibsecurity/50028", "content": "\u203c CVE-2022-40811 \u203c\n\nThe d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-19T18:37:54.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/8da5051d-6b9d-4384-aafd-36cdbae7749b/export"/>
    <published>2022-09-19T18:37:54+00:00</published>
  </entry>
</feed>
