<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-10T19:24:46.425995+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/36ee048c-1d3f-477d-bfb8-ba9f42e2b28b/export</id>
    <title>36ee048c-1d3f-477d-bfb8-ba9f42e2b28b</title>
    <updated>2026-07-10T19:24:46.447432+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "36ee048c-1d3f-477d-bfb8-ba9f42e2b28b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25879", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqathrxe3k2q", "content": "CVE-2026-55615 - Langroid: Neo4jChatAgent executes LLM-generated Cypher without validation (prompt-to-Cypher injection; config-conditional RCE), mirroring the SQLChatAgent bug fixed in CVE-2026-25879\nCVE ID : CVE-2026-55615\n \n Published : July 9, 2026, 11:40 p.m. | 8\u00a0minutes a...", "creation_timestamp": "2026-07-09T23:55:24.373653Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/36ee048c-1d3f-477d-bfb8-ba9f42e2b28b/export"/>
    <published>2026-07-09T23:55:24.373653+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/9f59f182-ce47-40e8-ab4a-8079f04b9285/export</id>
    <title>9f59f182-ce47-40e8-ab4a-8079f04b9285</title>
    <updated>2026-07-10T19:24:46.448946+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "9f59f182-ce47-40e8-ab4a-8079f04b9285", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2587", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpgfn3kmhn23", "content": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-2587: \u0443\u0433\u0440\u043e\u0437\u0430 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445\n\n\n\nhttps://kripta.biz/posts/3D673D34-C3D9-4983-8B5E-E6CDFFA5A948", "creation_timestamp": "2026-06-29T11:38:36.609577Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/9f59f182-ce47-40e8-ab4a-8079f04b9285/export"/>
    <published>2026-06-29T11:38:36.609577+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/0a282f15-cbcb-49ea-a8a6-5a167c07c831/export</id>
    <title>0a282f15-cbcb-49ea-a8a6-5a167c07c831</title>
    <updated>2026-07-10T19:24:46.449064+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "0a282f15-cbcb-49ea-a8a6-5a167c07c831", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25879", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnbfibhj362a", "content": "\ud83d\udd34 CVE-2026-25879 - Critical (9.8)\n\nLangroid is a framework for building large-language-model-powered applications. Prior to version ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-25879/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-02T01:02:14.193413Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/0a282f15-cbcb-49ea-a8a6-5a167c07c831/export"/>
    <published>2026-06-02T01:02:14.193413+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/2ba4206b-f69c-4843-9028-ad0e561762cb/export</id>
    <title>2ba4206b-f69c-4843-9028-ad0e561762cb</title>
    <updated>2026-07-10T19:24:46.449168+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "2ba4206b-f69c-4843-9028-ad0e561762cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-25879", "type": "published-proof-of-concept", "source": "https://github.com/langroid/langroid/security/advisories/GHSA-mxfr-6hcw-j9rq", "content": "", "creation_timestamp": "2026-05-27T00:56:21.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/2ba4206b-f69c-4843-9028-ad0e561762cb/export"/>
    <published>2026-05-27T00:56:21+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a49aabff-9e2f-49d9-852f-dc80de72e0e7/export</id>
    <title>a49aabff-9e2f-49d9-852f-dc80de72e0e7</title>
    <updated>2026-07-10T19:24:46.450057+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a49aabff-9e2f-49d9-852f-dc80de72e0e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2587", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mmelqqijxd25", "content": "\ud83d\udccc CVE-2026-2587 - A critical Remote Code Execution (RCE) vulnerability was identified in the server-side template rendering mechanism used by the Glassfish gadget handl... https://www.cyberhub.blog/cves/CVE-2026-2587", "creation_timestamp": "2026-05-21T14:07:07.845096Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a49aabff-9e2f-49d9-852f-dc80de72e0e7/export"/>
    <published>2026-05-21T14:07:07.845096+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/4341ca8a-7eee-4600-8c95-d18ae28f0339/export</id>
    <title>4341ca8a-7eee-4600-8c95-d18ae28f0339</title>
    <updated>2026-07-10T19:24:46.450155+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "4341ca8a-7eee-4600-8c95-d18ae28f0339", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2587", "type": "seen", "source": "Telegram/Nb7K5zYmouklHSq2-4YzAjIlBSlI43wf9hUI3PLTIzXqPwQ", "content": "", "creation_timestamp": "2026-05-21T03:00:06.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/4341ca8a-7eee-4600-8c95-d18ae28f0339/export"/>
    <published>2026-05-21T03:00:06+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/81f61c12-6cec-49cc-9438-ed253626efe7/export</id>
    <title>81f61c12-6cec-49cc-9438-ed253626efe7</title>
    <updated>2026-07-10T19:24:46.450235+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "81f61c12-6cec-49cc-9438-ed253626efe7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2587", "type": "published-proof-of-concept", "source": "Telegram/8XMYNKwrAfZdRqR9ubtjXzgzOw6F5g1aYGu8o-Ioo35SIYg", "content": "", "creation_timestamp": "2026-05-20T23:00:11.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/81f61c12-6cec-49cc-9438-ed253626efe7/export"/>
    <published>2026-05-20T23:00:11+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/cd4a284d-cf92-44c0-927b-49099caef38f/export</id>
    <title>cd4a284d-cf92-44c0-927b-49099caef38f</title>
    <updated>2026-07-10T19:24:46.450312+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "cd4a284d-cf92-44c0-927b-49099caef38f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2587", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/85099", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC #Exploit #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-2587-Exploit-POC\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Bhanunamikaze\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-20 21:39:10\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nPoC validator for CVE-2026-2587 \u2014 Critical (CVSS 9.6) EL Injection RCE in Eclipse GlassFish &amp;lt; 7.1.0 admin console gadget handler. Multi-target scanner with CSV/JSON output.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-20T22:00:04.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/cd4a284d-cf92-44c0-927b-49099caef38f/export"/>
    <published>2026-05-20T22:00:04+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7e269312-3c36-4ca6-a2aa-51c4628427bf/export</id>
    <title>7e269312-3c36-4ca6-a2aa-51c4628427bf</title>
    <updated>2026-07-10T19:24:46.450396+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "7e269312-3c36-4ca6-a2aa-51c4628427bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2587", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmapdtv3ko2w", "content": "\ud83d\udd34 CVE-2026-2587 - Critical (9.6)\n\nA critical Remote Code Execution (RCE) vulnerability was identified in the server-side template r...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-2587/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-20T01:00:51.571392Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7e269312-3c36-4ca6-a2aa-51c4628427bf/export"/>
    <published>2026-05-20T01:00:51.571392+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e0151767-d94d-4d9e-b26d-da8715c1416b/export</id>
    <title>e0151767-d94d-4d9e-b26d-da8715c1416b</title>
    <updated>2026-07-10T19:24:46.450479+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e0151767-d94d-4d9e-b26d-da8715c1416b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25874", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mkq3xpztnf2c", "content": "Critical RCE vulnerability (CVE-2026-25874) found in Hugging Face's LeRobot framework. Immediate action required to secure AI systems. #CyberSecurity #AI #MachineLearning #LeRobot #HuggingFace Link: thedailytechfeed.com/critical-fla...", "creation_timestamp": "2026-04-30T17:06:16.358659Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e0151767-d94d-4d9e-b26d-da8715c1416b/export"/>
    <published>2026-04-30T17:06:16.358659+00:00</published>
  </entry>
</feed>
