<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-04T09:17:08.133920+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a832ebd0-6149-4503-acee-b145ea61a694/export</id>
    <title>a832ebd0-6149-4503-acee-b145ea61a694</title>
    <updated>2026-07-04T09:17:08.159847+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a832ebd0-6149-4503-acee-b145ea61a694", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42897", "type": "seen", "source": "https://bsky.app/profile/ltswi.bsky.social/post/3mppcgtplg42c", "content": "In May 2026, Microsoft confirmed that hackers are actively breaking into on-premise Exchange servers using a flaw called CVE-2026-42897.\n\nThe attack is simple. A hacker sends a normal-looking email to someone on your team. They open it in the browser version of Outlook. Hidden code in the email runs", "creation_timestamp": "2026-07-03T00:35:23.676042Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a832ebd0-6149-4503-acee-b145ea61a694/export"/>
    <published>2026-07-03T00:35:23.676042+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/70eba25a-a244-4186-84ae-cc5e879985c6/export</id>
    <title>70eba25a-a244-4186-84ae-cc5e879985c6</title>
    <updated>2026-07-04T09:17:08.161440+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "70eba25a-a244-4186-84ae-cc5e879985c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42897", "type": "seen", "source": "https://bsky.app/profile/uwannawat.bsky.social/post/3mppcgqxikd2n", "content": "In May 2026, Microsoft confirmed that hackers are actively breaking into on-premise Exchange servers using a flaw called CVE-2026-42897.\n\nThe attack is simple. A hacker sends a normal-looking email to someone on your team. They open it in the browser version of Outlook. Hidden code in the email runs", "creation_timestamp": "2026-07-03T00:35:21.358091Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/70eba25a-a244-4186-84ae-cc5e879985c6/export"/>
    <published>2026-07-03T00:35:21.358091+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e24b823f-6e23-4297-b229-eff8c09c3e7b/export</id>
    <title>e24b823f-6e23-4297-b229-eff8c09c3e7b</title>
    <updated>2026-07-04T09:17:08.161579+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e24b823f-6e23-4297-b229-eff8c09c3e7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42897", "type": "seen", "source": "https://bsky.app/profile/geekpoint.bsky.social/post/3mppcgpk3ui2j", "content": "In May 2026, Microsoft confirmed that hackers are actively breaking into on-premise Exchange servers using a flaw called CVE-2026-42897.\n\nThe attack is simple. A hacker sends a normal-looking email to someone on your team. They open it in the browser version of Outlook. Hidden code in the email runs", "creation_timestamp": "2026-07-03T00:35:19.469850Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e24b823f-6e23-4297-b229-eff8c09c3e7b/export"/>
    <published>2026-07-03T00:35:19.469850+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/61e31b0c-6d6e-440d-8ef0-850057a2fce9/export</id>
    <title>61e31b0c-6d6e-440d-8ef0-850057a2fce9</title>
    <updated>2026-07-04T09:17:08.161687+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "61e31b0c-6d6e-440d-8ef0-850057a2fce9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42897", "type": "seen", "source": "https://bsky.app/profile/newstecnicas.com/post/3moxlk2fuas2l", "content": "\ud83d\udee1\ufe0f #Alerta Cr\u00edtica: CVE-2026-42897 y #Exploits Activos en Exchange tras #Patch Tuesday www.newstecnicas.com/2026/06/aler...", "creation_timestamp": "2026-06-23T14:14:27.688601Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/61e31b0c-6d6e-440d-8ef0-850057a2fce9/export"/>
    <published>2026-06-23T14:14:27.688601+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3f344723-1e58-4fb1-9446-cef942542cd8/export</id>
    <title>3f344723-1e58-4fb1-9446-cef942542cd8</title>
    <updated>2026-07-04T09:17:08.161788+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3f344723-1e58-4fb1-9446-cef942542cd8", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42897", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0ea415e7-5f42-41a9-b307-13732d7df755", "content": "", "creation_timestamp": "2026-06-23T14:03:38.130504Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3f344723-1e58-4fb1-9446-cef942542cd8/export"/>
    <published>2026-06-23T14:03:38.130504+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f2e042c2-d533-4e99-b889-387b4654e6b6/export</id>
    <title>f2e042c2-d533-4e99-b889-387b4654e6b6</title>
    <updated>2026-07-04T09:17:08.161884+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f2e042c2-d533-4e99-b889-387b4654e6b6", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42897", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/7fa6af2f-9e78-4a3d-999f-234f19940f99", "content": "", "creation_timestamp": "2026-06-19T12:45:12.118108Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f2e042c2-d533-4e99-b889-387b4654e6b6/export"/>
    <published>2026-06-19T12:45:12.118108+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/1a93e4c1-a8f7-42b5-befb-110a6e742bec/export</id>
    <title>1a93e4c1-a8f7-42b5-befb-110a6e742bec</title>
    <updated>2026-07-04T09:17:08.161975+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "1a93e4c1-a8f7-42b5-befb-110a6e742bec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42897", "type": "seen", "source": "https://bsky.app/profile/redmondit.bsky.social/post/3modxsnrhkp2u", "content": "Microsoft has released its June 2026 Exchange Server security updates, including fixes for CVE-2026-42897 and other vulnerabilities affecting supported on-premises deployments.\n\nSee what Exchange administrators need to know: https://ow.ly/EOxl50ZbMqp\n\n#Microsoft #ExchangeServer #Cybersecurity", "creation_timestamp": "2026-06-15T19:00:39.818369Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/1a93e4c1-a8f7-42b5-befb-110a6e742bec/export"/>
    <published>2026-06-15T19:00:39.818369+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3d4d5913-2b99-49b9-8f24-8567110ca0cd/export</id>
    <title>3d4d5913-2b99-49b9-8f24-8567110ca0cd</title>
    <updated>2026-07-04T09:17:08.162067+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3d4d5913-2b99-49b9-8f24-8567110ca0cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42897", "type": "seen", "source": "https://bsky.app/profile/hissenit.bsky.social/post/3mo3duwog4s2f", "content": "*MS Exchange Server XSS Vulnerability*\n\nThe vulnerability CVE-2026-42897 is a cross-site scripting (XSS) flaw in Exchange Server Outlook Web Access that allows attackers to execute malicious JavaScript.....\n\n =&amp;gt; Train your developers and TPMs! - www.hissenit.com/en/academy/s...", "creation_timestamp": "2026-06-12T08:42:48.356168Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3d4d5913-2b99-49b9-8f24-8567110ca0cd/export"/>
    <published>2026-06-12T08:42:48.356168+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ddd3d8e2-8e7b-4dc6-b223-931bbe3d1741/export</id>
    <title>ddd3d8e2-8e7b-4dc6-b223-931bbe3d1741</title>
    <updated>2026-07-04T09:17:08.162163+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ddd3d8e2-8e7b-4dc6-b223-931bbe3d1741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42897", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnzzae3ds42q", "content": "Microsoft Exchange Under Fire: Actively Exploited Zero-Day CVE-2026-42897 Exposes Web-Based Email to Silent JavaScript Attacks +\u00a0Video\n\nA Quiet Patch Tuesday That Closed a Loud Security Gap Microsoft has released its latest Patch Tuesday updates addressing a serious and actively exploited\u2026", "creation_timestamp": "2026-06-11T19:59:36.444372Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ddd3d8e2-8e7b-4dc6-b223-931bbe3d1741/export"/>
    <published>2026-06-11T19:59:36.444372+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/113dc411-18e8-4d9a-8fa3-781e226cb740/export</id>
    <title>113dc411-18e8-4d9a-8fa3-781e226cb740</title>
    <updated>2026-07-04T09:17:08.162258+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "113dc411-18e8-4d9a-8fa3-781e226cb740", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42897", "type": "seen", "source": "https://bsky.app/profile/it-administrator.de/post/3mnzavvpcs22o", "content": "Drei Wochen lang war der Exchange Emergency Mitigation Service die einzige Absicherung gegen CVE-2026-42897. Jetzt liefert Microsoft dauerhafte Patches und empfiehlt die Installation so schnell wie m\u00f6glich.\n\nwww.it-administrator.de/microsoft-ex...", "creation_timestamp": "2026-06-11T12:44:18.941482Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/113dc411-18e8-4d9a-8fa3-781e226cb740/export"/>
    <published>2026-06-11T12:44:18.941482+00:00</published>
  </entry>
</feed>
