<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-06T05:28:33.591888+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/25e1756d-79df-4651-827e-7f6d675ea504/export</id>
    <title>25e1756d-79df-4651-827e-7f6d675ea504</title>
    <updated>2026-07-06T05:28:33.618126+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "25e1756d-79df-4651-827e-7f6d675ea504", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpwegcmhq72j", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-48908 \u0432 SP Page Builder \u0434\u043b\u044f Joomla: \u0443\u0433\u0440\u043e\u0437\u0430 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438\n\n\n\nhttps://kripta.biz/posts/9A0A0517-E3D2-41CB-B1B7-37C81929D156", "creation_timestamp": "2026-07-05T19:59:31.298195Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/25e1756d-79df-4651-827e-7f6d675ea504/export"/>
    <published>2026-07-05T19:59:31.298195+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d58cccaa-8167-42a4-813d-abddf87f62d4/export</id>
    <title>d58cccaa-8167-42a4-813d-abddf87f62d4</title>
    <updated>2026-07-06T05:28:33.620332+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d58cccaa-8167-42a4-813d-abddf87f62d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/termsofsurrender.bsky.social/post/3mpvvxje66i25", "content": "Another Joomla exploit lands; defenders still pretending patching is a strategy\nPANIC 68% | Lag 0.0h | CISA has added CVE-2026-48907, a Joomla vulnerability, to its active exploitation list, which means \n#AfterShockIndex\nREAD MORE", "creation_timestamp": "2026-07-05T15:40:42.419448Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d58cccaa-8167-42a4-813d-abddf87f62d4/export"/>
    <published>2026-07-05T15:40:42.419448+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bb49f64f-31f5-4794-8eb7-4ca93159d43a/export</id>
    <title>bb49f64f-31f5-4794-8eb7-4ca93159d43a</title>
    <updated>2026-07-06T05:28:33.620475+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "bb49f64f-31f5-4794-8eb7-4ca93159d43a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mpmsrm35me2n", "content": "ChocoPoC Crisis: How a Tasty-Looking Joomla PoC Became a Full-Blown Supply Chain Attack +\u00a0Video\n\nIntroduction: In late June 2026, YesWeHack\u2019s vulnerability intelligence team published an analysis of a critical unauthenticated RCE flaw in the Joomla JCE extension (CVE-2026-48907), including a\u2026", "creation_timestamp": "2026-07-02T00:49:45.480063Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bb49f64f-31f5-4794-8eb7-4ca93159d43a/export"/>
    <published>2026-07-02T00:49:45.480063+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a0b073c5-97d1-43f5-adef-822c72e76c4a/export</id>
    <title>a0b073c5-97d1-43f5-adef-822c72e76c4a</title>
    <updated>2026-07-06T05:28:33.620596+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a0b073c5-97d1-43f5-adef-822c72e76c4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://www.acn.gov.it/portale/w/joomla-sp-page-builder-sfruttamento-attivo-in-rete-della-cve-2026-48908", "content": "Rilevato sfruttamento attivo in rete della CVE-2026-48908 \u2013 gi\u00e0 sanata dal vendor \u2013 presente nel plugin SP Page Builder per il noto CMS Joomla! Tale vulnerabilit\u00e0, qualora sfruttata, potrebbe consentire a un utente malintenzionato remoto di eseguire codice arbitrario sui sistemi interessati.", "creation_timestamp": "2026-06-27T01:00:38.965024Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a0b073c5-97d1-43f5-adef-822c72e76c4a/export"/>
    <published>2026-06-27T01:00:38.965024+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e355404a-2b62-4c89-9465-0d6c1e4b224e/export</id>
    <title>e355404a-2b62-4c89-9465-0d6c1e4b224e</title>
    <updated>2026-07-06T05:28:33.620706+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "e355404a-2b62-4c89-9465-0d6c1e4b224e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://www.acn.gov.it/portale/w/joomla-sp-page-builder-sfruttamento-attivo-in-rete-della-cve-2026-48908", "content": "", "creation_timestamp": "2026-06-26T09:15:02.491617Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e355404a-2b62-4c89-9465-0d6c1e4b224e/export"/>
    <published>2026-06-26T09:15:02.491617+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3ffc66d9-5865-4a14-96a0-f9508371bc0f/export</id>
    <title>3ffc66d9-5865-4a14-96a0-f9508371bc0f</title>
    <updated>2026-07-06T05:28:33.621936+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3ffc66d9-5865-4a14-96a0-f9508371bc0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/hookprobe.com/post/3mp545ijkce2p", "content": "\ud83c\udfac How HookProbe Detects CVE-2026-48907: Securing Widget Factory Joomla Content Editor \u2014 AI-native edge security on a $50 Raspberry Pi. #infosec #EdgeSecurity #RaspberryPi", "creation_timestamp": "2026-06-25T18:54:51.892390Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3ffc66d9-5865-4a14-96a0-f9508371bc0f/export"/>
    <published>2026-06-25T18:54:51.892390+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/1e3c94c5-c6c8-41ea-be50-715c31a3ce9d/export</id>
    <title>1e3c94c5-c6c8-41ea-be50-715c31a3ce9d</title>
    <updated>2026-07-06T05:28:33.622074+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "1e3c94c5-c6c8-41ea-be50-715c31a3ce9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://ccb.belgium.be/advisories/warning-critical-vulnerability-joomla-content-editor-extension-jce-patch-immediately", "content": "", "creation_timestamp": "2026-06-25T13:45:05.932377Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/1e3c94c5-c6c8-41ea-be50-715c31a3ce9d/export"/>
    <published>2026-06-25T13:45:05.932377+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/5ad14ce6-fdb3-4c0f-91b5-4edbe96f3f5e/export</id>
    <title>5ad14ce6-fdb3-4c0f-91b5-4edbe96f3f5e</title>
    <updated>2026-07-06T05:28:33.622183+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "5ad14ce6-fdb3-4c0f-91b5-4edbe96f3f5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://bsky.app/profile/censys.bsky.social/post/3mp2bbz5mii2b", "content": "\ud83d\udea8 CVE-2026-48908 (CVSS 10.0) A critical flaw in Joomla's SP Page Builder can enable unauthenticated file upload &amp;amp; potential RCE:\n\u25aa\ufe0fVersions 1.0.0\u20136.6.1 affected\n\u25aa\ufe0fActive exploitation reported\n\u25aa\ufe0fPatched in 6.6.2\n\nCensys observed 194,793 web properties loading the component. https://bit.ly/43Y8ONk ", "creation_timestamp": "2026-06-24T15:48:54.608990Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/5ad14ce6-fdb3-4c0f-91b5-4edbe96f3f5e/export"/>
    <published>2026-06-24T15:48:54.608990+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/1da2d5f9-c5b2-4bcc-9453-3a777ef61216/export</id>
    <title>1da2d5f9-c5b2-4bcc-9453-3a777ef61216</title>
    <updated>2026-07-06T05:28:33.622288+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "1da2d5f9-c5b2-4bcc-9453-3a777ef61216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mozp5jynyo2p", "content": "\u26a0\ufe0f CISA just added another Joomla bug to its exploited list. This one is already in the wild.\n\nCVE-2026-48907.\n\nhttps://www.yazoul.net/news/article/cisa-warns-of-actively-exploited-joomla-jce-flaw-allowing-php-code-execution/\n\n#CVE #CyberSecurity", "creation_timestamp": "2026-06-24T10:24:15.739524Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/1da2d5f9-c5b2-4bcc-9453-3a777ef61216/export"/>
    <published>2026-06-24T10:24:15.739524+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/708f5606-d759-4e23-bc63-1735743d3003/export</id>
    <title>708f5606-d759-4e23-bc63-1735743d3003</title>
    <updated>2026-07-06T05:28:33.622385+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "708f5606-d759-4e23-bc63-1735743d3003", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3moxxxkctdg2v", "content": "Third critical CVE added to CISA's KEV list this month. Same pattern every time.\n\nCVE-2026-48907.\n\nhttps://www.yazoul.net/news/article/cisa-warns-of-actively-exploited-joomla-jce-flaw-allowing-php-code-execution/\n\n#CVE #CyberSecurity", "creation_timestamp": "2026-06-23T17:56:38.852227Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/708f5606-d759-4e23-bc63-1735743d3003/export"/>
    <published>2026-06-23T17:56:38.852227+00:00</published>
  </entry>
</feed>
