<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-19T02:32:09.237117+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/0d6ac1a3-cdee-4d95-898d-4d90fdf322ac/export</id>
    <title>0d6ac1a3-cdee-4d95-898d-4d90fdf322ac</title>
    <updated>2026-07-19T02:32:09.261760+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "0d6ac1a3-cdee-4d95-898d-4d90fdf322ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46529", "type": "published-proof-of-concept", "source": "Telegram/3JJsuGuhcMBm07xmogHjfc9OsefJQdOZBBeMFqVzVN8tJ5g", "content": "", "creation_timestamp": "2026-07-17T00:00:08.925079Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/0d6ac1a3-cdee-4d95-898d-4d90fdf322ac/export"/>
    <published>2026-07-17T00:00:08.925079+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ed254951-54e6-4c82-b307-7493ce66533f/export</id>
    <title>ed254951-54e6-4c82-b307-7493ce66533f</title>
    <updated>2026-07-19T02:32:09.264753+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ed254951-54e6-4c82-b307-7493ce66533f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46529", "type": "seen", "source": "Telegram/3JJsuGuhcMBm07xmogHjfc9OsefJQdOZBBeMFqVzVN8tJ5g", "content": "", "creation_timestamp": "2026-07-16T19:00:08.564385Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ed254951-54e6-4c82-b307-7493ce66533f/export"/>
    <published>2026-07-16T19:00:08.564385+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/fda4de24-0892-492e-afe6-fae4c68eac2b/export</id>
    <title>fda4de24-0892-492e-afe6-fae4c68eac2b</title>
    <updated>2026-07-19T02:32:09.264962+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "fda4de24-0892-492e-afe6-fae4c68eac2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46529", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnxxpa5vn52n", "content": "CVE-2026-46529 - PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen\nCVE ID : CVE-2026-46529\n \n Published : June 10, 2026, 8:17 p.m. | 2\u00a0hours, 59\u00a0minutes ago\n \n Description : Atril Document Viewer is the default document reader of the MATE deskto...", "creation_timestamp": "2026-06-11T00:26:48.105437Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/fda4de24-0892-492e-afe6-fae4c68eac2b/export"/>
    <published>2026-06-11T00:26:48.105437+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e8d96eb3-f4c1-44d7-8534-ab3854b6ba7e/export</id>
    <title>e8d96eb3-f4c1-44d7-8534-ab3854b6ba7e</title>
    <updated>2026-07-19T02:32:09.265129+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e8d96eb3-f4c1-44d7-8534-ab3854b6ba7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46529", "type": "seen", "source": "https://bsky.app/profile/wdormann.infosec.exchange.ap.brid.gy/post/3mnxphbvlmsy2", "content": "Courtesy of GitHub, CVE-2026-46529 now exists\n\nBetter late than never?", "creation_timestamp": "2026-06-10T21:59:56.725833Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e8d96eb3-f4c1-44d7-8534-ab3854b6ba7e/export"/>
    <published>2026-06-10T21:59:56.725833+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/113a5e9e-e782-4d95-af9b-cfcfad9878e3/export</id>
    <title>113a5e9e-e782-4d95-af9b-cfcfad9878e3</title>
    <updated>2026-07-19T02:32:09.265276+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "113a5e9e-e782-4d95-af9b-cfcfad9878e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46529", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mnijq34o3k2y", "content": "\u26a0\ufe0f ALERTA DE SEGURAN\u00c7A \u26a0\ufe0f\n\nA vulnerabilidade CVE-2026-46529 no visualizador de PDFs Evince pode comprometer seu sistema com um \u00fanico clique. Saiba mais. -&amp;gt; tinyurl.com/2xa5kyja  #openSUSE", "creation_timestamp": "2026-06-04T21:06:49.112715Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/113a5e9e-e782-4d95-af9b-cfcfad9878e3/export"/>
    <published>2026-06-04T21:06:49.112715+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b58ab7bc-6074-4087-96ce-761323f20c3e/export</id>
    <title>b58ab7bc-6074-4087-96ce-761323f20c3e</title>
    <updated>2026-07-19T02:32:09.265417+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b58ab7bc-6074-4087-96ce-761323f20c3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46529", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mnijpysvqc2y", "content": "\u26a0\ufe0f ALERTA DE SEGURAN\u00c7A \u26a0\ufe0f\n\nA vulnerabilidade CVE-2026-46529 no visualizador de PDFs Evince pode comprometer seu sistema com um \u00fanico clique. Saiba mais. -&amp;gt; tinyurl.com/2xa5kyja  #openSUSE", "creation_timestamp": "2026-06-04T21:06:48.563615Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b58ab7bc-6074-4087-96ce-761323f20c3e/export"/>
    <published>2026-06-04T21:06:48.563615+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/4fdb0379-34b0-409b-bbe5-2b9e2faa41a7/export</id>
    <title>4fdb0379-34b0-409b-bbe5-2b9e2faa41a7</title>
    <updated>2026-07-19T02:32:09.265557+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "4fdb0379-34b0-409b-bbe5-2b9e2faa41a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46529", "type": "seen", "source": "https://bsky.app/profile/wdormann.infosec.exchange.ap.brid.gy/post/3mmkepycm3fd2", "content": "This evince (and friends) command injection is sort of neat.\n\nThere seems to be some agreement that it's CVE-2026-46529, except CVE-2026-46529 doesn't actually exist.\n\nThe advisory isn't clear what distros are affected, and it took a couple of attempts to [\u2026] \n\n[Original post on infosec.exchange]", "creation_timestamp": "2026-05-23T21:17:30.050002Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/4fdb0379-34b0-409b-bbe5-2b9e2faa41a7/export"/>
    <published>2026-05-23T21:17:30.050002+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7bbce898-2128-4f5c-9910-28a649de07a2/export</id>
    <title>7bbce898-2128-4f5c-9910-28a649de07a2</title>
    <updated>2026-07-19T02:32:09.265694+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "7bbce898-2128-4f5c-9910-28a649de07a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46529", "type": "seen", "source": "https://infosec.exchange/users/wdormann/statuses/116625967773895498", "content": "This evince (and friends) command injection is sort of neat.\nThere seems to be some agreement that it's CVE-2026-46529, except CVE-2026-46529 doesn't actually exist.\nThe advisory isn't clear what distros are affected, and it took a couple of attempts to find an environment where the default exploit works.  But here's a screen recording of it working on OpenSUSE.  You click anywhere in a PDF and you get arbitrary command execution.\nAlso slightly odd is that the writeup in GitHub states that evince &amp;lt;48.1 is affected, but my screen recording clearly indicates that 48.1 IS affected.", "creation_timestamp": "2026-05-23T21:17:23.580090Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7bbce898-2128-4f5c-9910-28a649de07a2/export"/>
    <published>2026-05-23T21:17:23.580090+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/53a9f265-d278-4d0d-ba65-d428eeab781a/export</id>
    <title>53a9f265-d278-4d0d-ba65-d428eeab781a</title>
    <updated>2026-07-19T02:32:09.265835+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "53a9f265-d278-4d0d-ba65-d428eeab781a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46529", "type": "seen", "source": "https://bsky.app/profile/lobsters-feed.bsky.social/post/3mmhxr4xxgz2q", "content": "[oss-security] Evince/Atril/Xreader command injection CVE-2026-46529 https://lobste.rs/s/rlpzut #security #linux ", "creation_timestamp": "2026-05-22T22:20:04.355539Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/53a9f265-d278-4d0d-ba65-d428eeab781a/export"/>
    <published>2026-05-22T22:20:04.355539+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a4149cef-7eac-4658-acef-97f599261e42/export</id>
    <title>a4149cef-7eac-4658-acef-97f599261e42</title>
    <updated>2026-07-19T02:32:09.265947+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a4149cef-7eac-4658-acef-97f599261e42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46529", "type": "seen", "source": "https://bsky.app/profile/news.karthihegde.dev/post/3mmhxksbk7j2w", "content": "[oss-security] Evince/Atril/Xreader command injection CVE-2026-46529\nDiscussion | lobsters | Author: commanderk", "creation_timestamp": "2026-05-22T22:16:31.849992Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a4149cef-7eac-4658-acef-97f599261e42/export"/>
    <published>2026-05-22T22:16:31.849992+00:00</published>
  </entry>
</feed>
