<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-12T03:35:01.745992+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/15bc945d-bb65-452b-81de-97625ef14652/export</id>
    <title>15bc945d-bb65-452b-81de-97625ef14652</title>
    <updated>2026-07-12T03:35:01.764793+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "15bc945d-bb65-452b-81de-97625ef14652", "vulnerability_lookup_origin": "c8fb6bf1-f81f-4cb8-95b1-eadbb3b54ee8", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/f7c27c22-c307-4af0-b813-e6bbe2df7f54", "content": "", "creation_timestamp": "2026-07-11T01:00:37.188807Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/15bc945d-bb65-452b-81de-97625ef14652/export"/>
    <published>2026-07-11T01:00:37.188807+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/1ffb0e3f-1bed-41b0-a165-f79ded52376f/export</id>
    <title>1ffb0e3f-1bed-41b0-a165-f79ded52376f</title>
    <updated>2026-07-12T03:35:01.766797+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "1ffb0e3f-1bed-41b0-a165-f79ded52376f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3mqbvzi7ei32m", "content": "Rapid reaction gets you ahead. 7 days before CISA added CVE-2026-20253 a critical Unauthenticated Arbitrary File Creation vulnerability (CVSS 9.8) in Splunk Enterprise to KEV, watchTowr clients were aware of their ex\u2026\n\n\u2014 from @watchtowrcyber (https://x.com/watchtowrcyber/status/2075518976126226783)", "creation_timestamp": "2026-07-10T10:13:45.312521Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/1ffb0e3f-1bed-41b0-a165-f79ded52376f/export"/>
    <published>2026-07-10T10:13:45.312521+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/eb95f5e3-f924-401c-b8f9-30336097f02d/export</id>
    <title>eb95f5e3-f924-401c-b8f9-30336097f02d</title>
    <updated>2026-07-12T03:35:01.766928+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "eb95f5e3-f924-401c-b8f9-30336097f02d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3mqbv2wudln23", "content": "Rapid reaction gets you ahead. 7 days before CISA added CVE-2026-20253 a critical Unauthenticated Arbitrary File Creation vulnerability (CVSS 9.8) in Splunk Enterprise, watchTowr clients were aware of their exposure.\u2026\n\n\u2014 from @watchtowrcyber (https://x.com/watchtowrcyber/status/2075517780732883119)", "creation_timestamp": "2026-07-10T09:56:40.958222Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/eb95f5e3-f924-401c-b8f9-30336097f02d/export"/>
    <published>2026-07-10T09:56:40.958222+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3043736e-6b00-4a3c-9f19-ed4dc7528d63/export</id>
    <title>3043736e-6b00-4a3c-9f19-ed4dc7528d63</title>
    <updated>2026-07-12T03:35:01.767034+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3043736e-6b00-4a3c-9f19-ed4dc7528d63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/sen-perimetered.bsky.social/post/3mpy3cqiiez2r", "content": "CVE-2026-20253: Splunk Enterprise, KEV-listed, actively exploited. No credentials required \u2014 unauthenticated file write/truncate via a PostgreSQL sidecar endpoint with zero auth controls. Shadowserver: 1,400+ exposed instances. Affected: 10.0.0\u201310.0.6, 10.2.0\u201310.2.3. Patch now.", "creation_timestamp": "2026-07-06T12:21:47.622619Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3043736e-6b00-4a3c-9f19-ed4dc7528d63/export"/>
    <published>2026-07-06T12:21:47.622619+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/624312f4-b7f7-4c0e-ac24-4a0b1fdd4f36/export</id>
    <title>624312f4-b7f7-4c0e-ac24-4a0b1fdd4f36</title>
    <updated>2026-07-12T03:35:01.767132+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "624312f4-b7f7-4c0e-ac24-4a0b1fdd4f36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mpuoreax3s2l", "content": "\u300cSplunk Enterprise\u300d\u306b\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8 - \u300c\u30af\u30ea\u30c6\u30a3\u30ab\u30eb\u300d\u8106\u5f31\u6027\u306a\u3069\u89e3\u6d88\n\nSplunk\u306f\u3001\u300cSplunk Enterprise\u300d\u306b\u8907\u6570\u306e\u8106\u5f31\u6027\u304c\u898b\u3064\u304b\u3063\u305f\u3068\u3057\u3066\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c9\u30d0\u30a4\u30b6\u30ea\u3092\u516c\u958b\u3057\u305f\u3002\u300c\u30af\u30ea\u30c6\u30a3\u30ab\u30eb\uff08Critical\uff09\u300d\u3068\u3055\u308c\u308b\u8106\u5f31\u6027\u3082\u660e\u3089\u304b\u3068\u306a\u3063\u3066\u3044\u308b\u3002\n\n\u73fe\u5730\u6642\u95936\u670810\u65e5\u306b\u8907\u6570\u306e\u30a2\u30c9\u30d0\u30a4\u30b6\u30ea\u3092\u516c\u958b\u3057\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u306b\u3066\u5bfe\u5fdc\u3057\u305f\u3082\u306e\u3002\u30b5\u30fc\u30c9\u30d1\u30fc\u30c6\u30a3\u88fd\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u306a\u3069\u306e\u8106\u5f31\u6027\u3078\u3082\u5bfe\u51e6\u3057\u3066\u3044\u308b\u3002\n\n\u91cd\u8981\u5ea6\u306f4\u6bb5\u968e\u4e2d\u3082\u3063\u3068\u3082\u9ad8\u3044\u300c\u30af\u30ea\u30c6\u30a3\u30ab\u30eb\uff08Critical\uff09\u300d\u3068\u3055\u308c\u308b\u8106\u5f31\u6027\u300cCVE-2026-20253\u300d\u3082\u542b\u307e\u308c\u3066\u3044\u305f\u3002", "creation_timestamp": "2026-07-05T03:59:19.377939Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/624312f4-b7f7-4c0e-ac24-4a0b1fdd4f36/export"/>
    <published>2026-07-05T03:59:19.377939+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c55188a3-f49a-4f9f-8071-e2e5ea203b2a/export</id>
    <title>c55188a3-f49a-4f9f-8071-e2e5ea203b2a</title>
    <updated>2026-07-12T03:35:01.767235+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c55188a3-f49a-4f9f-8071-e2e5ea203b2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/wordfencenews.bsky.social/post/3mpp7uhszfc2a", "content": "Critical Splunk Enterprise Flaw Now Exploited in the Wild | CVE-2026-20253", "creation_timestamp": "2026-07-02T23:49:21.376495Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c55188a3-f49a-4f9f-8071-e2e5ea203b2a/export"/>
    <published>2026-07-02T23:49:21.376495+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c8e5cc47-1299-4ac8-a142-c60e4cdb8087/export</id>
    <title>c8e5cc47-1299-4ac8-a142-c60e4cdb8087</title>
    <updated>2026-07-12T03:35:01.767327+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c8e5cc47-1299-4ac8-a142-c60e4cdb8087", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/wordfencenews.bsky.social/post/3mpp7mnjxe22a", "content": "Critical Splunk Enterprise Flaw Now Exploited in the Wild | CVE-2026-20253", "creation_timestamp": "2026-07-02T23:45:00.027008Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c8e5cc47-1299-4ac8-a142-c60e4cdb8087/export"/>
    <published>2026-07-02T23:45:00.027008+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/8b53423a-3a09-4861-8608-7e2f3f22b04e/export</id>
    <title>8b53423a-3a09-4861-8608-7e2f3f22b04e</title>
    <updated>2026-07-12T03:35:01.767420+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "8b53423a-3a09-4861-8608-7e2f3f22b04e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/wordfencenews.bsky.social/post/3mpp7hv2wh22a", "content": "Critical Splunk Enterprise Flaw Now Exploited in the Wild | CVE-2026-20253\n\nWatch The Clip: youtube.com/shorts/j-Lgi...", "creation_timestamp": "2026-07-02T23:42:19.803117Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/8b53423a-3a09-4861-8608-7e2f3f22b04e/export"/>
    <published>2026-07-02T23:42:19.803117+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c550f0e8-4357-4f74-9990-a4420068e990/export</id>
    <title>c550f0e8-4357-4f74-9990-a4420068e990</title>
    <updated>2026-07-12T03:35:01.767513+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c550f0e8-4357-4f74-9990-a4420068e990", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/hookprobe.com/post/3mpjettfgyk2o", "content": "Surprising: even Splunk Enterprise is at risk with CVE-2026-20253. HookProbe's HYDRA, NAPSE, AEGIS, and Qsecbit can guard against arbitrary file tampering. #EdgeSecurity #IDS", "creation_timestamp": "2026-06-30T16:02:29.243009Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c550f0e8-4357-4f74-9990-a4420068e990/export"/>
    <published>2026-06-30T16:02:29.243009+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f32db372-523d-4880-9d7a-70abe218ba24/export</id>
    <title>f32db372-523d-4880-9d7a-70abe218ba24</title>
    <updated>2026-07-12T03:35:01.767610+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f32db372-523d-4880-9d7a-70abe218ba24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20253", "type": "seen", "source": "https://bsky.app/profile/hookprobe.com/post/3mpjdvc23wi2h", "content": "\ud83c\udfac How HookProbe Detects CVE-2026-20253: Securing Splunk Enterprise Against Arbitrary File Manipulation \u2014 AI-native edge security on a $50 Raspberry Pi. #infosec #EdgeSecurity #RaspberryPi", "creation_timestamp": "2026-06-30T15:45:23.671306Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f32db372-523d-4880-9d7a-70abe218ba24/export"/>
    <published>2026-06-30T15:45:23.671306+00:00</published>
  </entry>
</feed>
