<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-05T10:37:53.111381+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c0f3d7c5-9a79-44d7-81a7-9fe22ff78291/export</id>
    <title>c0f3d7c5-9a79-44d7-81a7-9fe22ff78291</title>
    <updated>2026-07-05T10:37:53.128341+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c0f3d7c5-9a79-44d7-81a7-9fe22ff78291", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mpjryrdwuc2p", "content": "\u7c73\u56fd\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09\u306f\u3001\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\u30ab\u30bf\u30ed\u30b0\u306bMirasvit\u306e\u30d5\u30eb\u30da\u30fc\u30b8\u30ad\u30e3\u30c3\u30b7\u30e5\u30a6\u30a9\u30fc\u30de\u30fc\u306e\u8106\u5f31\u6027\u3092\u8ffd\u52a0\u3057\u305f\u3002\n\n\u7c73\u56fd\u306e\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09\u306f \u3001\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\uff08KEV\uff09\u30ab\u30bf\u30ed\u30b0\u306b\u3001 CVE-2026-45247\uff08CVSS\u30d0\u30fc\u30b8\u30e7\u30f34.0\u30b9\u30b3\u30a29.3\uff09\u3068\u3057\u3066\u8ffd\u8de1\u3055\u308c\u3066\u3044\u308bMirasvit Full Page Cache Warmer\u306e\u8106\u5f31\u6027\u3092\u8ffd\u52a0\u3057\u307e\u3057\u305f\u3002\n\nCVE-2026-45247\u306f\u3001Magento 2\u7528Mirasvit Full Page Cache Warm...", "creation_timestamp": "2026-06-30T19:57:54.692834Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c0f3d7c5-9a79-44d7-81a7-9fe22ff78291/export"/>
    <published>2026-06-30T19:57:54.692834+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/8f5814a6-3489-45d3-830a-4dec08a65721/export</id>
    <title>8f5814a6-3489-45d3-830a-4dec08a65721</title>
    <updated>2026-07-05T10:37:53.131125+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "8f5814a6-3489-45d3-830a-4dec08a65721", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mpjr2euy7s2p", "content": "Mirasvit\u306e\u8106\u5f31\u6027\u304c\u60aa\u7528\u3055\u308c\u3001Magento\u30b5\u30fc\u30d0\u30fc\u4e0a\u3067\u30b3\u30fc\u30c9\u304c\u5b9f\u884c\u3055\u308c\u305f\n\nCache Wormer\u306f\u30da\u30fc\u30b8\u306e\u30ad\u30e3\u30c3\u30b7\u30e5\u72b6\u614b\u3092\u76e3\u8996\u3057\u3001\u30da\u30fc\u30b8\u306e\u6700\u65b0\u30d0\u30fc\u30b8\u30e7\u30f3\u3092\u81ea\u52d5\u7684\u306b\u30ad\u30e3\u30c3\u30b7\u30e5\u306b\u8ffd\u52a0\u3059\u308b\u3053\u3068\u3067\u3001\u8aad\u307f\u8fbc\u307f\u901f\u5ea6\u3092\u5411\u4e0a\u3055\u305b\u3001\u30da\u30fc\u30b8\u30e9\u30f3\u30ad\u30f3\u30b0\u3092\u6539\u5584\u3057\u307e\u3059\u3002 \n\n\u60aa\u7528\u3055\u308c\u305f\u30d0\u30b0\u306f\u3001CVE-2026-45247\uff08CVSS\u30b9\u30b3\u30a29.8\uff09\u3068\u3057\u3066\u8ffd\u8de1\u3055\u308c\u3066\u304a\u308a\u3001PHP\u30aa\u30d6\u30b8\u30a7\u30af\u30c8\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027\u3068\u3057\u3066\u8aac\u660e\u3055\u308c\u3066\u3044\u307e\u3059\u3002\u3053\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3059\u308b\u3068\u3001\u8a8d\u8a3c\u306a\u3057\u3067\u30ea\u30e2\u30fc\u30c8\u304b\u3089Magento\u304a\u3088\u3073Adobe Commerce\u30b5\u30fc\u30d0\u30fc\u4e0a\u3067\u4efb\u610f\u306e\u30b3\u30fc\u30c9\u3092\u5b9f\u884c\u3067\u304d\u307e\u3059\u3002", "creation_timestamp": "2026-06-30T19:40:55.067622Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/8f5814a6-3489-45d3-830a-4dec08a65721/export"/>
    <published>2026-06-30T19:40:55.067622+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b35ee789-13ed-43c7-a17c-8d09d9d552a3/export</id>
    <title>b35ee789-13ed-43c7-a17c-8d09d9d552a3</title>
    <updated>2026-07-05T10:37:53.131371+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b35ee789-13ed-43c7-a17c-8d09d9d552a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mphc3tefxs2f", "content": "CISA\u304cMagento\u306eRCE\u8106\u5f31\u6027CVE-2026-45247\u3092KEV\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0\n\n\u7c73\u56fd\u306e\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09\u306f\u6c34\u66dc\u65e5\u3001 Magento\u3067\u4eba\u6c17\u306e\u9ad8\u3044\u30d5\u30eb\u30da\u30fc\u30b8\u30ad\u30e3\u30c3\u30b7\u30e5\u62e1\u5f35\u6a5f\u80fd\u3067\u3042\u308bMirasvit Cache Warmer\u306b\u5f71\u97ff\u3092\u4e0e\u3048\u308b\u91cd\u5927\u306a\u8106\u5f31\u6027\u3092\u3001\u65e2\u77e5\u306e\u60aa\u7528\u4e8b\u4f8b\uff08KEV\uff09\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0\u3057\u305f\u3002\u3053\u308c\u306f\u3001\u5b9f\u969b\u306b\u60aa\u7528\u3055\u308c\u3066\u3044\u308b\u3068\u306e\u5831\u544a\u3092\u53d7\u3051\u305f\u63aa\u7f6e\u3067\u3042\u308b\u3002\n\nCVE-2026-45247 \uff08CVSS\u30b9\u30b3\u30a2\uff1a9.8\uff09\u3068\u3057\u3066\u8ffd\u8de1\u3055\u308c\u3066\u3044\u308b\u3053\u306e\u8106\u5f31\u6027\u306f\u3001\u4fe1\u983c\u3067\u304d\u306a\u3044\u30c7\u30fc\u30bf\u306e\u9006\u30b7\u30ea\u30a2\u30eb\u5316\u306b\u95a2\u3059\u308b\u3082\u306e\u3067\u3001\u5f71\u97ff\u3092\u53d7\u3051\u308b\u30b5\u30fc\u30d0\u30fc\u4e0a\u3067\u4efb\u610f\u306ePHP\u30b3\u30fc\u30c9...", "creation_timestamp": "2026-06-29T20:07:58.567047Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b35ee789-13ed-43c7-a17c-8d09d9d552a3/export"/>
    <published>2026-06-29T20:07:58.567047+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6f0d3f35-b7c5-4ec0-bedc-bd706664ea67/export</id>
    <title>6f0d3f35-b7c5-4ec0-bedc-bd706664ea67</title>
    <updated>2026-07-05T10:37:53.131497+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6f0d3f35-b7c5-4ec0-bedc-bd706664ea67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mphbqel66c2f", "content": "CISA Adds One Known Exploited Vulnerability to Catalog\nRelease Date June 03, 2026\n\nCVE-2026-45247 Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability", "creation_timestamp": "2026-06-29T20:01:30.976443Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6f0d3f35-b7c5-4ec0-bedc-bd706664ea67/export"/>
    <published>2026-06-29T20:01:30.976443+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3d94d037-fbee-45b8-b225-5bf4d8f0f6a0/export</id>
    <title>3d94d037-fbee-45b8-b225-5bf4d8f0f6a0</title>
    <updated>2026-07-05T10:37:53.131617+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3d94d037-fbee-45b8-b225-5bf4d8f0f6a0", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/8a2027fb-b891-4d63-926d-c5ccff81bc24", "content": "", "creation_timestamp": "2026-06-23T14:03:02.214945Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3d94d037-fbee-45b8-b225-5bf4d8f0f6a0/export"/>
    <published>2026-06-23T14:03:02.214945+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c6a7cdbd-0009-420d-ae2d-85c6ba1d6117/export</id>
    <title>c6a7cdbd-0009-420d-ae2d-85c6ba1d6117</title>
    <updated>2026-07-05T10:37:53.131733+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c6a7cdbd-0009-420d-ae2d-85c6ba1d6117", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b506f4f7-f803-428f-9809-3cdb30f9afca", "content": "", "creation_timestamp": "2026-06-19T12:45:10.733854Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c6a7cdbd-0009-420d-ae2d-85c6ba1d6117/export"/>
    <published>2026-06-19T12:45:10.733854+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/60700e00-de42-421e-8dc9-69e1bce182c0/export</id>
    <title>60700e00-de42-421e-8dc9-69e1bce182c0</title>
    <updated>2026-07-05T10:37:53.131845+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "60700e00-de42-421e-8dc9-69e1bce182c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mo4erk4fby26", "content": "\ud83d\udea8 CRITICAL \u2014 CVE-2026-45247 | CVSS 9.8 | CISA KEV ACTIVE EXPLOITATION\n\nMirasvit Full Page Cache Warmer &amp;lt; 1.11.12 \u2014 Unauthenticated PHP Object Injection \u2192 RCE\n\nA single crafted CacheWarmer cookie on any storefront page = full unauth RCE via Magento gadget chains. CISA added to KEV 2026-06-03 (due 202", "creation_timestamp": "2026-06-12T18:31:23.298125Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/60700e00-de42-421e-8dc9-69e1bce182c0/export"/>
    <published>2026-06-12T18:31:23.298125+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b3f528d9-41de-4044-9b42-570587616ae7/export</id>
    <title>b3f528d9-41de-4044-9b42-570587616ae7</title>
    <updated>2026-07-05T10:37:53.131943+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b3f528d9-41de-4044-9b42-570587616ae7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnwz2hxp5r2x", "content": "\ud83d\udea8 CRITICAL \u2014 CVE-2026-45247 (CVSS 9.8)\n\nPHP object injection vulnerability allowing unauthenticated attackers to achieve remote code execution before version 1.11.12\nAffects: Mirasvit Full Page Cache Warmer for Magento 2 before v1.11.12\n\nIf you run this extension, patch immediately. Unauthenticated ", "creation_timestamp": "2026-06-10T15:18:19.269928Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b3f528d9-41de-4044-9b42-570587616ae7/export"/>
    <published>2026-06-10T15:18:19.269928+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/03cfe4db-79ea-4b45-9ecf-217062cb454d/export</id>
    <title>03cfe4db-79ea-4b45-9ecf-217062cb454d</title>
    <updated>2026-07-05T10:37:53.132042+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "03cfe4db-79ea-4b45-9ecf-217062cb454d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "published-proof-of-concept", "source": "Telegram/zuaenQnFGWDCKOr6rNa5-YAqq3JVsHmPVXkOzfQQMF7sHIs", "content": "", "creation_timestamp": "2026-06-10T03:00:06.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/03cfe4db-79ea-4b45-9ecf-217062cb454d/export"/>
    <published>2026-06-10T03:00:06+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a4f093ed-f0af-48f8-a0bd-31de99bfab91/export</id>
    <title>a4f093ed-f0af-48f8-a0bd-31de99bfab91</title>
    <updated>2026-07-05T10:37:53.132136+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a4f093ed-f0af-48f8-a0bd-31de99bfab91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/patchdayalert.com/post/3mnvjeobq6n2o", "content": "Magento + Mirasvit Cache Warmer = remote code execution via one cookie. CVE-2026-45247 is live, under active attack, CISA deadline Saturday. Act today.\n\npatchdayalert.com/blog/mirasvi...", "creation_timestamp": "2026-06-10T01:05:51.439332Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a4f093ed-f0af-48f8-a0bd-31de99bfab91/export"/>
    <published>2026-06-10T01:05:51.439332+00:00</published>
  </entry>
</feed>
