<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-18T22:50:45.983570+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e0c60c27-2e65-4a31-b484-32c1231ffcf9/export</id>
    <title>e0c60c27-2e65-4a31-b484-32c1231ffcf9</title>
    <updated>2026-07-18T22:50:46.008171+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e0c60c27-2e65-4a31-b484-32c1231ffcf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42055", "type": "published-proof-of-concept", "source": "https://t.me/thehackernews/9290", "content": "Update: the critical NGINX flaws now have a clearer technical path.\n\nCVE-2026-42530 comes down to an HTTP/3 lifetime mismatch that can leave a freed stream pointer treated as valid.\n\nCVE-2026-42055 lets oversized HPACK data write past its buffer, causing unauthenticated worker crashes.\n\nPatch or apply mitigations.\n\nRead: https://thehackernews.com/2026/06/f5-patches-two-critical-nginx-open.html", "creation_timestamp": "2026-07-16T00:00:10.643482Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e0c60c27-2e65-4a31-b484-32c1231ffcf9/export"/>
    <published>2026-07-16T00:00:10.643482+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d9233cab-a821-48e5-b4aa-cfb00fb004ab/export</id>
    <title>d9233cab-a821-48e5-b4aa-cfb00fb004ab</title>
    <updated>2026-07-18T22:50:46.011642+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d9233cab-a821-48e5-b4aa-cfb00fb004ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42055", "type": "seen", "source": "https://t.me/thehackernews/9278", "content": "\ud83d\udea8 Two critical NGINX flaws can lead to remote code execution.\n\nF5 has patched:\n\u2022 CVE-2026-42530 (HTTP/3 use-after-free)\n\u2022 CVE-2026-42055 (HTTP/2 heap buffer overflow)\n\nBoth require specific configurations and ASLR bypass conditions.\n\nDetails here \u2192 https://thehackernews.com/2026/06/f5-patches-two-critical-nginx-open.html", "creation_timestamp": "2026-07-16T00:00:10.314966Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d9233cab-a821-48e5-b4aa-cfb00fb004ab/export"/>
    <published>2026-07-16T00:00:10.314966+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/83adef13-324b-45d8-bf34-e45327def01a/export</id>
    <title>83adef13-324b-45d8-bf34-e45327def01a</title>
    <updated>2026-07-18T22:50:46.011743+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "83adef13-324b-45d8-bf34-e45327def01a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42055", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mqpji372sc2o", "content": "F5\u793e\u3001NGINX\u306e\u91cd\u5927\u306a\u8106\u5f31\u6027\u306b\u5bfe\u3059\u308b\u5e2f\u57df\u5916\u30d1\u30c3\u30c1\u3092\u30ea\u30ea\u30fc\u30b9\n\n\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u4f01\u696d\u306eF5\u306f\u3001NGINX\u30a6\u30a7\u30d6\u30b5\u30fc\u30d0\u30fc\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u5bfe\u51e6\u3059\u308b\u305f\u3081\u3001\u5e2f\u57df\u5916\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3092\u30ea\u30ea\u30fc\u30b9\u3057\u305f\u3002\u3053\u308c\u306b\u306f\u3001\u653b\u6483\u8005\u304c\u8106\u5f31\u306a\u30b7\u30b9\u30c6\u30e0\u4e0a\u3067\u30b3\u30fc\u30c9\u3092\u5b9f\u884c\u3067\u304d\u308b\u53ef\u80fd\u6027\u306e\u3042\u308b\u30012\u3064\u306e\u91cd\u5927\u306a\u6b20\u9665\u304c\u542b\u307e\u308c\u3066\u3044\u308b\u3002\n\n2\u3064\u306e\u91cd\u5927\u306a\u8106\u5f31\u6027\u306f\u3001ngx_http_v3_module\uff08CVE-2026-42530\uff09\u3068ngx_http_proxy_v2_module\u304a\u3088\u3073ngx_http_grpc_module\uff08CVE-2026-42055\uff09\u3067\u767a\u898b\u3055\u308c\u3001\u8a8d\u8a3c\u3055\u308c\u3066\u3044\u306a\u3044\u30ea\u30e2\u30fc\u30c8\u653b\u6483\u8005\u306b\u3088\u3063\u3066\u60aa\u7528\u3055\u308c\u3001\u30c7\u30d5\u30a9\u30eb\u30c8\u4ee5...", "creation_timestamp": "2026-07-15T20:06:38.235319Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/83adef13-324b-45d8-bf34-e45327def01a/export"/>
    <published>2026-07-15T20:06:38.235319+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/999018e6-3233-4417-8cc4-916e67f74c20/export</id>
    <title>999018e6-3233-4417-8cc4-916e67f74c20</title>
    <updated>2026-07-18T22:50:46.011812+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "999018e6-3233-4417-8cc4-916e67f74c20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42055", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mqpi3q3fx22o", "content": "\u300cnginx\u300d\u306b\u8907\u6570\u306e\u30af\u30ea\u30c6\u30a3\u30ab\u30eb\u8106\u5f31\u6027 - \u4fee\u6b63\u7248\u304c\u516c\u958b\n\n\u30a6\u30a7\u30d6\u30b5\u30fc\u30d0\u300cnginx\u300d\u306b\u8907\u6570\u306e\u8106\u5f31\u6027\u304c\u660e\u3089\u304b\u3068\u306a\u3063\u305f\u3002\u6709\u511f\u7248\u3001\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u7248\u306e\u3044\u305a\u308c\u3082\u5f71\u97ff\u3092\u53d7\u3051\u308b\u3002\n\nF5\u306f\u73fe\u5730\u6642\u95932026\u5e746\u670817\u65e5\u306b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c9\u30d0\u30a4\u30b6\u30ea\u3092\u516c\u958b\u3057\u30013\u4ef6\u306e\u8106\u5f31\u6027\u300cCVE-2026-42055\u300d\u300cCVE-2026-42530\u300d\u300cCVE-2026-48142\u300d\u3092\u660e\u3089\u304b\u306b\u3057\u305f\u3002\n\n\u300cCVE-2026-42055\u300d\u306f\u3001\u300cproxy\u300d\u300cgrpc\u300d\u30e2\u30b8\u30e5\u30fc\u30eb\u306b\u78ba\u8a8d\u3055\u308c\u305f\u30d2\u30fc\u30d7\u30d9\u30fc\u30b9\u306e\u30d0\u30c3\u30d5\u30a1\u30aa\u30fc\u30d0\u30fc\u30d5\u30ed\u30fc\u306e\u8106\u5f31\u6027\u3002\u7279\u5b9a\u306e\u69cb\u6210\u3068\u3057\u305f\u5834\u5408\u306b\u5f71\u97ff\u3092\u53d7\u3051\u308b\u3002\u60aa\u7528\u3055\u308c\u308b\u3068\u30ef\u30fc\u30ab\u30fc\u30d7\u30ed\u30bb\u30b9\u306e\u518d\u8d77\u52d5\u3092\u5f15\u304d\u8d77\u3053\u3057\u305f\u308a\u3001\u30e1\u30e2...", "creation_timestamp": "2026-07-15T19:41:45.318305Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/999018e6-3233-4417-8cc4-916e67f74c20/export"/>
    <published>2026-07-15T19:41:45.318305+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c150c769-b6c5-49e5-a9ee-226e0266cfac/export</id>
    <title>c150c769-b6c5-49e5-a9ee-226e0266cfac</title>
    <updated>2026-07-18T22:50:46.011876+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c150c769-b6c5-49e5-a9ee-226e0266cfac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42055", "type": "seen", "source": "https://t.me/thehackernews/9290", "content": "Update: the critical NGINX flaws now have a clearer technical path.\n\nCVE-2026-42530 comes down to an HTTP/3 lifetime mismatch that can leave a freed stream pointer treated as valid.\n\nCVE-2026-42055 lets oversized HPACK data write past its buffer, causing unauthenticated worker crashes.\n\nPatch or apply mitigations.\n\nRead: https://thehackernews.com/2026/06/f5-patches-two-critical-nginx-open.html", "creation_timestamp": "2026-07-15T12:00:04.835617Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c150c769-b6c5-49e5-a9ee-226e0266cfac/export"/>
    <published>2026-07-15T12:00:04.835617+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/607e376e-d5e5-4a7e-aa13-d32e76c964b2/export</id>
    <title>607e376e-d5e5-4a7e-aa13-d32e76c964b2</title>
    <updated>2026-07-18T22:50:46.011943+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "607e376e-d5e5-4a7e-aa13-d32e76c964b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42055", "type": "seen", "source": "https://t.me/thehackernews/9278", "content": "\ud83d\udea8 Two critical NGINX flaws can lead to remote code execution.\n\nF5 has patched:\n\u2022 CVE-2026-42530 (HTTP/3 use-after-free)\n\u2022 CVE-2026-42055 (HTTP/2 heap buffer overflow)\n\nBoth require specific configurations and ASLR bypass conditions.\n\nDetails here \u2192 https://thehackernews.com/2026/06/f5-patches-two-critical-nginx-open.html", "creation_timestamp": "2026-07-15T12:00:04.637402Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/607e376e-d5e5-4a7e-aa13-d32e76c964b2/export"/>
    <published>2026-07-15T12:00:04.637402+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7996d7bb-891a-4645-8a7f-adca7a5c8498/export</id>
    <title>7996d7bb-891a-4645-8a7f-adca7a5c8498</title>
    <updated>2026-07-18T22:50:46.012011+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "7996d7bb-891a-4645-8a7f-adca7a5c8498", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42055", "type": "seen", "source": "https://www.acn.gov.it/portale/w/risolte-vulnerabilita-nei-prodotti-nginix", "content": "", "creation_timestamp": "2026-06-25T16:45:41.757988Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7996d7bb-891a-4645-8a7f-adca7a5c8498/export"/>
    <published>2026-06-25T16:45:41.757988+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a4cd1633-da38-466f-8a50-ce191b98782a/export</id>
    <title>a4cd1633-da38-466f-8a50-ce191b98782a</title>
    <updated>2026-07-18T22:50:46.013072+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a4cd1633-da38-466f-8a50-ce191b98782a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42055", "type": "seen", "source": "https://bsky.app/profile/insomnisec.bsky.social/post/3mp2q6blryx2v", "content": "\ud83d\udce1 Two More Critical NGINX Vulnerabilities: CVE-2026-42530 and CVE-2026-42055", "creation_timestamp": "2026-06-24T20:15:13.948593Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a4cd1633-da38-466f-8a50-ce191b98782a/export"/>
    <published>2026-06-24T20:15:13.948593+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/057ec4f4-06f0-4514-a983-e11d21f0c081/export</id>
    <title>057ec4f4-06f0-4514-a983-e11d21f0c081</title>
    <updated>2026-07-18T22:50:46.013160+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "057ec4f4-06f0-4514-a983-e11d21f0c081", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42055", "type": "seen", "source": "https://gist.github.com/muhamedfazalps/a3449070789a6a2c13d4d4e844af803b", "content": "# \u26a0\ufe0f SECURITY ALERT: Multiple CVEs Affecting Popular Packages (June 2026)\n\n## CVE-2026-48931 \u2014 Node.js 24.17 / node-fetch Premature Close\n- **Impact:** Affects Node.js 24.17 and any app using node-fetch\n- **Severity:** High\n- **Affected:** Backstage (20\ud83d\udc4d issue), any Node.js app on 24.17\n- **Fix:** Update Node.js or apply backport\n- **Issue:** https://github.com/backstage/backstage/issues/34651\n\n## CVE-2026-54297 \u2014 Faraday Dependency Vulnerability\n- **Impact:** Affects Fastlane and apps using Faraday\n- **Severity:** High\n- **Affected:** Fastlane (9\ud83d\udc4d issue), any Ruby app using Faraday\n- **Fix:** Update Faraday dependency\n- **Issue:** https://github.com/fastlane/fastlane/issues/30086\n\n## CVE-2026-42530 &amp;amp; CVE-2026-42055 \u2014 nginx Vulnerabilities\n- **Impact:** Affects nginx and mailcow-dockerized\n- **Severity:** High\n- **Affected:** mailcow-dockerized (7\ud83d\udc4d issue), any nginx deployment\n- **Fix:** Update nginx to patched version\n- **Issue:** https://github.com/mailcow/mailcow-dockerized/issues/7299\n\n## js-yaml Quadratic DoS (v3.x)\n- **Impact:** Affects any app using js-yaml v3.x for YAML parsing\n- **Severity:** Medium-High\n- **Affected:** 15\ud83d\udc4d issue requesting backport from v4.2.0 to v3\n- **Fix:** Update to js-yaml v4.2.0+ or apply backport\n- **Issue:** https://github.com/nodeca/js-yaml/issues/762\n\n## How to Check If You're Affected\n1. Check your Node.js version: `node --version`\n2. Check your Ruby/Bundler dependencies: `bundle list | grep faraday`\n3. Check your nginx version: `nginx -v`\n4. Check your js-yaml version: `npm ls js-yaml`\n\n## What to Do\n1. Update affected dependencies immediately\n2. Review logs for suspicious activity\n3. Rotate credentials if exposure is suspected\n\n---\n*If this alert helped you: https://buymeacoffee.com/muhamedfazalps*\n", "creation_timestamp": "2026-06-23T13:41:44.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/057ec4f4-06f0-4514-a983-e11d21f0c081/export"/>
    <published>2026-06-23T13:41:44+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6c0bd62e-c94e-4fb4-898f-5d33c3493222/export</id>
    <title>6c0bd62e-c94e-4fb4-898f-5d33c3493222</title>
    <updated>2026-07-18T22:50:46.013242+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6c0bd62e-c94e-4fb4-898f-5d33c3493222", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42055", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motml63t7d2v", "content": "\ud83d\udea8  ALERT: CVE-2026-42055\n\nCVSS 8.1/10\n\n\ud83d\udccb WHAT IT IS:\nNGINX Open Source has a vulnerability in the HTTP/2 module. A remote unauthenticated attacker can send a specially crafted HTTP/2 request that causes a heap buffer overflow in the NGINX worker process. This may allow remote code execution. Exploit", "creation_timestamp": "2026-06-22T00:22:13.030462Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6c0bd62e-c94e-4fb4-898f-5d33c3493222/export"/>
    <published>2026-06-22T00:22:13.030462+00:00</published>
  </entry>
</feed>
