<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-19T17:49:37.863847+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6d492b50-14f6-4bfc-af1f-c05e5c04eeb0/export</id>
    <title>6d492b50-14f6-4bfc-af1f-c05e5c04eeb0</title>
    <updated>2026-07-19T17:49:37.880372+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6d492b50-14f6-4bfc-af1f-c05e5c04eeb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0257", "type": "seen", "source": "https://t.me/MalaysiaHacktivistz/21897", "content": "PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation \u2013 thehackernews.com\n\nSat, 30 May 2026 14:41:26", "creation_timestamp": "2026-07-19T16:00:04.912326Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6d492b50-14f6-4bfc-af1f-c05e5c04eeb0/export"/>
    <published>2026-07-19T16:00:04.912326+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/99ea6621-88f1-47d6-aa98-a2b49374e710/export</id>
    <title>99ea6621-88f1-47d6-aa98-a2b49374e710</title>
    <updated>2026-07-19T17:49:37.882284+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "99ea6621-88f1-47d6-aa98-a2b49374e710", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0257", "type": "published-proof-of-concept", "source": "Telegram/MCIVjT2wGlOhNzGxxI4_zyvBHRQPD_Tsyc6A30C1dkLHGvM", "content": "", "creation_timestamp": "2026-07-18T00:00:33.491072Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/99ea6621-88f1-47d6-aa98-a2b49374e710/export"/>
    <published>2026-07-18T00:00:33.491072+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b40ad50f-b70c-4bbe-98ab-30bf21ce8024/export</id>
    <title>b40ad50f-b70c-4bbe-98ab-30bf21ce8024</title>
    <updated>2026-07-19T17:49:37.882413+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b40ad50f-b70c-4bbe-98ab-30bf21ce8024", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0257", "type": "seen", "source": "Telegram/MCIVjT2wGlOhNzGxxI4_zyvBHRQPD_Tsyc6A30C1dkLHGvM", "content": "", "creation_timestamp": "2026-07-17T00:00:32.566797Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b40ad50f-b70c-4bbe-98ab-30bf21ce8024/export"/>
    <published>2026-07-17T00:00:32.566797+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ff3d7f4a-d758-493c-b25b-3ccbd694ba56/export</id>
    <title>ff3d7f4a-d758-493c-b25b-3ccbd694ba56</title>
    <updated>2026-07-19T17:49:37.882517+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ff3d7f4a-d758-493c-b25b-3ccbd694ba56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0257", "type": "seen", "source": "Telegram/MCIVjT2wGlOhNzGxxI4_zyvBHRQPD_Tsyc6A30C1dkLHGvM", "content": "", "creation_timestamp": "2026-07-16T19:00:17.127385Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ff3d7f4a-d758-493c-b25b-3ccbd694ba56/export"/>
    <published>2026-07-16T19:00:17.127385+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/efd5ef77-fa0c-498b-b07a-d30adbf275b2/export</id>
    <title>efd5ef77-fa0c-498b-b07a-d30adbf275b2</title>
    <updated>2026-07-19T17:49:37.882618+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "efd5ef77-fa0c-498b-b07a-d30adbf275b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0257", "type": "exploited", "source": "https://t.me/thehackernews/9236", "content": "\ud83d\udea8 Hackers found a way into Palo Alto\u2019s GlobalProtect VPN without a password.\n\nThe flaw, tracked as CVE-2026-0257, lets attackers bypass PAN-OS authentication and establish unauthorized VPN sessions.\n\nPalo Alto says it\u2019s already being used in real attacks.\n\nIf you run GlobalProtect, check this now.\n\nDetails \u279d https://thehackernews.com/2026/06/palo-alto-warns-of-active-exploitation.html", "creation_timestamp": "2026-07-16T00:00:10.068452Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/efd5ef77-fa0c-498b-b07a-d30adbf275b2/export"/>
    <published>2026-07-16T00:00:10.068452+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/07e081b1-d2a4-4ab5-b3e1-94e838c8f5de/export</id>
    <title>07e081b1-d2a4-4ab5-b3e1-94e838c8f5de</title>
    <updated>2026-07-19T17:49:37.882723+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "07e081b1-d2a4-4ab5-b3e1-94e838c8f5de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0257", "type": "exploited", "source": "https://t.me/information_security_channel/55328", "content": "Recent Palo Alto Networks Vulnerability Exploited for Weeks\nhttps://www.securityweek.com/recent-palo-alto-networks-vulnerability-exploited-for-weeks/\n\nHackers began exploiting CVE-2026-0257, an authentication bypass in Palo Alto Networks PAN-OS, four days after public disclosure.\nThe post Recent Palo Alto Networks Vulnerability Exploited for Weeks (https://www.securityweek.com/recent-palo-alto-networks-vulnerability-exploited-for-weeks/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2026-07-16T00:00:08.067808Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/07e081b1-d2a4-4ab5-b3e1-94e838c8f5de/export"/>
    <published>2026-07-16T00:00:08.067808+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/5d7685f6-50ad-4925-acf2-501d116ca763/export</id>
    <title>5d7685f6-50ad-4925-acf2-501d116ca763</title>
    <updated>2026-07-19T17:49:37.882827+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "5d7685f6-50ad-4925-acf2-501d116ca763", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0257", "type": "seen", "source": "https://t.me/information_security_channel/55328", "content": "Recent Palo Alto Networks Vulnerability Exploited for Weeks\nhttps://www.securityweek.com/recent-palo-alto-networks-vulnerability-exploited-for-weeks/\n\nHackers began exploiting CVE-2026-0257, an authentication bypass in Palo Alto Networks PAN-OS, four days after public disclosure.\nThe post Recent Palo Alto Networks Vulnerability Exploited for Weeks (https://www.securityweek.com/recent-palo-alto-networks-vulnerability-exploited-for-weeks/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2026-07-15T12:00:06.608894Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/5d7685f6-50ad-4925-acf2-501d116ca763/export"/>
    <published>2026-07-15T12:00:06.608894+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a2349265-f508-4ec5-8802-f3b8f61597e5/export</id>
    <title>a2349265-f508-4ec5-8802-f3b8f61597e5</title>
    <updated>2026-07-19T17:49:37.882930+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a2349265-f508-4ec5-8802-f3b8f61597e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0257", "type": "seen", "source": "https://t.me/thehackernews/9236", "content": "\ud83d\udea8 Hackers found a way into Palo Alto\u2019s GlobalProtect VPN without a password.\n\nThe flaw, tracked as CVE-2026-0257, lets attackers bypass PAN-OS authentication and establish unauthorized VPN sessions.\n\nPalo Alto says it\u2019s already being used in real attacks.\n\nIf you run GlobalProtect, check this now.\n\nDetails \u279d https://thehackernews.com/2026/06/palo-alto-warns-of-active-exploitation.html", "creation_timestamp": "2026-07-15T12:00:04.946841Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a2349265-f508-4ec5-8802-f3b8f61597e5/export"/>
    <published>2026-07-15T12:00:04.946841+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/772369a8-1926-46b9-ac11-131faac60f0d/export</id>
    <title>772369a8-1926-46b9-ac11-131faac60f0d</title>
    <updated>2026-07-19T17:49:37.883029+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "772369a8-1926-46b9-ac11-131faac60f0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0257", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/92424", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-0257-GlobalProtect-Bypass\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a amnsecurity\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-08 00:18:17\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-0257 - Palo Alto PAN-OS GlobalProtect Auth Override Cookie Forgery - PoC &amp;amp; Analysis | CVSS 9.1 CRITICAL CISA KEV | AMN SECURITY\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-15T00:00:32.374327Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/772369a8-1926-46b9-ac11-131faac60f0d/export"/>
    <published>2026-07-15T00:00:32.374327+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bd12798b-a11e-4864-8823-b5fdc8b4dd77/export</id>
    <title>bd12798b-a11e-4864-8823-b5fdc8b4dd77</title>
    <updated>2026-07-19T17:49:37.883130+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "bd12798b-a11e-4864-8823-b5fdc8b4dd77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0257", "type": "seen", "source": "https://t.me/ctinow/251800", "content": "Palo Alto Warns of Exploitation of VPN Bypass Exploits (CVE-2026-0257) in PAN-OS Flaw\nhttps://ift.tt/gL8kFVd", "creation_timestamp": "2026-07-15T00:00:22.618709Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bd12798b-a11e-4864-8823-b5fdc8b4dd77/export"/>
    <published>2026-07-15T00:00:22.618709+00:00</published>
  </entry>
</feed>
