<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-14T01:10:56.777377+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bd0541ef-35ff-4fcd-87b1-ff453a05920b/export</id>
    <title>bd0541ef-35ff-4fcd-87b1-ff453a05920b</title>
    <updated>2026-07-14T01:10:56.795824+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "bd0541ef-35ff-4fcd-87b1-ff453a05920b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48205", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mq76i42nok26", "content": "\ud83d\udccc CVE-2026-48205 - Improper Input Validation, Server-Side Request Forgery (SSRF) vulnerability in Apache Camel DNS component.\n\nThe camel-dns producers read DNS operation... https://www.cyberhub.blog/cves/CVE-2026-48205", "creation_timestamp": "2026-07-09T08:07:07.290405Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bd0541ef-35ff-4fcd-87b1-ff453a05920b/export"/>
    <published>2026-07-09T08:07:07.290405+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/fa6fcd47-a997-4807-8f9d-cbffb831f6a3/export</id>
    <title>fa6fcd47-a997-4807-8f9d-cbffb831f6a3</title>
    <updated>2026-07-14T01:10:56.799057+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "fa6fcd47-a997-4807-8f9d-cbffb831f6a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48203", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mq74shhd2c2k", "content": "\ud83d\udccc CVE-2026-48203 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), Improper Input Validation, Server-Side Request For... https://www.cyberhub.blog/cves/CVE-2026-48203", "creation_timestamp": "2026-07-09T07:37:06.924484Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/fa6fcd47-a997-4807-8f9d-cbffb831f6a3/export"/>
    <published>2026-07-09T07:37:06.924484+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/eae6f90d-c3aa-4583-9614-dcbc0dbf9531/export</id>
    <title>eae6f90d-c3aa-4583-9614-dcbc0dbf9531</title>
    <updated>2026-07-14T01:10:56.799247+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "eae6f90d-c3aa-4583-9614-dcbc0dbf9531", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48204", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mq6sqmddak2g", "content": "\ud83d\udccc CVE-2026-48204 - Improper Input Validation, Improper Access Control vulnerability in Apache Camel in Camel Mongodb Gridfs component.\n\nThe camel-mongodb-gridfs producer... https://www.cyberhub.blog/cves/CVE-2026-48204", "creation_timestamp": "2026-07-09T04:37:07.617808Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/eae6f90d-c3aa-4583-9614-dcbc0dbf9531/export"/>
    <published>2026-07-09T04:37:07.617808+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/1928f95c-21a5-4088-8049-31a48c432320/export</id>
    <title>1928f95c-21a5-4088-8049-31a48c432320</title>
    <updated>2026-07-14T01:10:56.799371+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "1928f95c-21a5-4088-8049-31a48c432320", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48204", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mq6peorkp62a", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-48204 \u0432 Apache Camel: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/6F91E94E-C46E-4DF0-A061-5228A177042B", "creation_timestamp": "2026-07-09T03:36:45.883207Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/1928f95c-21a5-4088-8049-31a48c432320/export"/>
    <published>2026-07-09T03:36:45.883207+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/651428bb-a25c-4350-a237-0c7233f4395a/export</id>
    <title>651428bb-a25c-4350-a237-0c7233f4395a</title>
    <updated>2026-07-14T01:10:56.799485+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "651428bb-a25c-4350-a237-0c7233f4395a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48203", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mq6pe244zn2d", "content": "CVE-2026-48203: \u0423\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u043c\u0435\u0442\u043e\u0434\u044b \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445\n\n\n\nhttps://kripta.biz/posts/03102D75-D87C-4F83-AAEA-EBB1E9C75BC8", "creation_timestamp": "2026-07-09T03:36:23.994931Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/651428bb-a25c-4350-a237-0c7233f4395a/export"/>
    <published>2026-07-09T03:36:23.994931+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/16744b96-9375-4806-a635-05bc100c024b/export</id>
    <title>16744b96-9375-4806-a635-05bc100c024b</title>
    <updated>2026-07-14T01:10:56.799607+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "16744b96-9375-4806-a635-05bc100c024b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48205", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mpywszkc562b", "content": "CVE-2026-48205 - apache camel dns\nApache Camel's DNS component allows an attacker to control which DNS server is used, potentially revealing internal network information. This can happen if an attacker sends\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#apachefoundation #CVE #infosec", "creation_timestamp": "2026-07-06T20:34:04.668530Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/16744b96-9375-4806-a635-05bc100c024b/export"/>
    <published>2026-07-06T20:34:04.668530+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b1dfaf9a-5d58-4e6d-b6d8-5a40a61a45fb/export</id>
    <title>b1dfaf9a-5d58-4e6d-b6d8-5a40a61a45fb</title>
    <updated>2026-07-14T01:10:56.799715+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b1dfaf9a-5d58-4e6d-b6d8-5a40a61a45fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48204", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mpywpibcwx2h", "content": "CVE-2026-48204 - apache camel\nApache Camel's MongoDB component allows unauthenticated HTTP clients to switch MongoDB operations, including deleting files, without a password. This means that\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#apachecamel #apachefoundation #CVE #infosec", "creation_timestamp": "2026-07-06T20:32:05.711354Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b1dfaf9a-5d58-4e6d-b6d8-5a40a61a45fb/export"/>
    <published>2026-07-06T20:32:05.711354+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/09786bff-5895-414c-9d7b-9987707a521f/export</id>
    <title>09786bff-5895-414c-9d7b-9987707a521f</title>
    <updated>2026-07-14T01:10:56.799831+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "09786bff-5895-414c-9d7b-9987707a521f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48203", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mpywpgyich2h", "content": "CVE-2026-48203 - apache camel\nApache Camel Solr's security filter failed to block certain header names, allowing an attacker to inject malicious data into Solr queries and indexed documents.\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#apachecamel #apachefoundation #CVE #infosec", "creation_timestamp": "2026-07-06T20:32:04.748255Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/09786bff-5895-414c-9d7b-9987707a521f/export"/>
    <published>2026-07-06T20:32:04.748255+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/22b91d6a-73f4-49ec-a6fc-2e50c9510a85/export</id>
    <title>22b91d6a-73f4-49ec-a6fc-2e50c9510a85</title>
    <updated>2026-07-14T01:10:56.799932+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "22b91d6a-73f4-49ec-a6fc-2e50c9510a85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48203", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mpwg6pj4kz2a", "content": "CVE-2026-48203: Apache Camel: Camel-Solr: The SolrParam. and SolrField. Exchange header prefixes used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to inject Solr query parameters (server-side request forgery) and document fields", "creation_timestamp": "2026-07-05T20:31:08.779392Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/22b91d6a-73f4-49ec-a6fc-2e50c9510a85/export"/>
    <published>2026-07-05T20:31:08.779392+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d60e73f0-ad9d-45e9-956a-d82684d0b027/export</id>
    <title>d60e73f0-ad9d-45e9-956a-d82684d0b027</title>
    <updated>2026-07-14T01:10:56.800042+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d60e73f0-ad9d-45e9-956a-d82684d0b027", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48206", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mpwftcmt4q2i", "content": "CVE-2026-48206: Apache Camel: Camel-JIRA: A set of non-Camel-prefixed Exchange header constants (IssueKey, ProjectKey, IssueTransitionId, ...) bypass the HTTP header filter, allowing an HTTP client to drive arbitrary JIRA issue operations using the endpoint's configured credentials", "creation_timestamp": "2026-07-05T20:24:43.431675Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d60e73f0-ad9d-45e9-956a-d82684d0b027/export"/>
    <published>2026-07-05T20:24:43.431675+00:00</published>
  </entry>
</feed>
