<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-13T20:47:33.144118+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/38ceadb2-fb0f-43e7-9b24-10f18b762107/export</id>
    <title>38ceadb2-fb0f-43e7-9b24-10f18b762107</title>
    <updated>2026-07-13T20:47:33.170201+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "38ceadb2-fb0f-43e7-9b24-10f18b762107", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49494", "type": "seen", "source": "https://t.me/bdufstecru/3230", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u0440\u0441\u0435\u0440\u0430 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 IPv6 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0430 Inspect.sys \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 Comodo Internet Security \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u043e\u0439 \u043f\u043e\u0442\u0435\u0440\u0435\u0439 \u0437\u043d\u0430\u0447\u0438\u043c\u043e\u0441\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438\n\nBDU:2026-07970\nCVE-2026-49494\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043b\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u043f\u043e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0443 IPv6;\n- \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 IPv6 \u0432 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.", "creation_timestamp": "2026-07-13T00:00:48.101732Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/38ceadb2-fb0f-43e7-9b24-10f18b762107/export"/>
    <published>2026-07-13T00:00:48.101732+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/fc645da2-de1b-4444-a94c-9a8177393847/export</id>
    <title>fc645da2-de1b-4444-a94c-9a8177393847</title>
    <updated>2026-07-13T20:47:33.172460+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "fc645da2-de1b-4444-a94c-9a8177393847", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49494", "type": "seen", "source": "https://t.me/bdufstecru/3230", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u0440\u0441\u0435\u0440\u0430 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 IPv6 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0430 Inspect.sys \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 Comodo Internet Security \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u043e\u0439 \u043f\u043e\u0442\u0435\u0440\u0435\u0439 \u0437\u043d\u0430\u0447\u0438\u043c\u043e\u0441\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438\n\nBDU:2026-07970\nCVE-2026-49494\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043b\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u043f\u043e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0443 IPv6;\n- \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 IPv6 \u0432 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.", "creation_timestamp": "2026-07-12T09:01:47.618128Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/fc645da2-de1b-4444-a94c-9a8177393847/export"/>
    <published>2026-07-12T09:01:47.618128+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/712f1ec6-62e9-43d8-8340-731809622ed7/export</id>
    <title>712f1ec6-62e9-43d8-8340-731809622ed7</title>
    <updated>2026-07-13T20:47:33.172606+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "712f1ec6-62e9-43d8-8340-731809622ed7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49494", "type": "seen", "source": "https://infosec.exchange/users/malwaretech/statuses/116812550358343221", "content": "I think it\u2019s hilarious that I now have my first CVE because I got annoyed with an unresponsive vendor and just posted the zero day exploit I was trying to report to them on my GitHub \ud83d\ude06\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-49494", "creation_timestamp": "2026-06-25T20:07:50.115677Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/712f1ec6-62e9-43d8-8340-731809622ed7/export"/>
    <published>2026-06-25T20:07:50.115677+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7a9b8311-976d-4ed2-8a8d-f79618c1b2e0/export</id>
    <title>7a9b8311-976d-4ed2-8a8d-f79618c1b2e0</title>
    <updated>2026-07-13T20:47:33.172710+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "7a9b8311-976d-4ed2-8a8d-f79618c1b2e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49494", "type": "seen", "source": "https://bsky.app/profile/cybersecinsight.bsky.social/post/3mnrlvmsaeb27", "content": "\ud83d\udd0d Vulnerability Spotlight | Part 2/3\n\n\u26a0\ufe0f CVE-2026-49494\n\nComodo Internet Security's firewall driver Inspect.sys contains an integer underflow in its IPv6 packet parser. The parser decrements an unsigned 6...", "creation_timestamp": "2026-06-08T11:39:39.305913Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7a9b8311-976d-4ed2-8a8d-f79618c1b2e0/export"/>
    <published>2026-06-08T11:39:39.305913+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/80e32023-898c-4d8d-b65d-92624a1d46f5/export</id>
    <title>80e32023-898c-4d8d-b65d-92624a1d46f5</title>
    <updated>2026-07-13T20:47:33.172805+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "80e32023-898c-4d8d-b65d-92624a1d46f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-49494", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnqetnlfcm23", "content": "Comodo Internet Security flaw: HIGH severity integer underflow in Inspect.sys lets remote attackers crash Windows (BSOD) via IPv6 packets \u2014 even with all ports blocked. Disable IPv6/firewall if possible until patched. https://radar.offseq.com/threat/cve-2026-49494-integer-underflow-wrap-or-wrapar...", "creation_timestamp": "2026-06-08T00:00:56.238761Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/80e32023-898c-4d8d-b65d-92624a1d46f5/export"/>
    <published>2026-06-08T00:00:56.238761+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/4b9dc5ca-fd6e-4564-9c3d-4d0f0074a95e/export</id>
    <title>4b9dc5ca-fd6e-4564-9c3d-4d0f0074a95e</title>
    <updated>2026-07-13T20:47:33.172905+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "4b9dc5ca-fd6e-4564-9c3d-4d0f0074a95e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-49494", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116711544258024293", "content": "\ud83d\udea8 HIGH severity: CVE-2026-49494 in Comodo Internet Security (Inspect.sys) allows remote DoS via crafted IPv6 packets \u2014 triggering a BSOD even with all ports blocked. No patch yet; consider disabling IPv6/firewall as a workaround. https://radar.offseq.com/threat/cve-2026-49494-integer-underflow-wrap-or-wraparoun-1b6588f6 #OffSeq #Vuln #CVE202649494", "creation_timestamp": "2026-06-08T00:00:41.385178Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/4b9dc5ca-fd6e-4564-9c3d-4d0f0074a95e/export"/>
    <published>2026-06-08T00:00:41.385178+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/cd2e06a5-a50d-4ecf-97d1-29da3a3f9478/export</id>
    <title>cd2e06a5-a50d-4ecf-97d1-29da3a3f9478</title>
    <updated>2026-07-13T20:47:33.173005+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "cd2e06a5-a50d-4ecf-97d1-29da3a3f9478", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49494", "type": "seen", "source": "https://gist.github.com/ichintu/1fa73ee279a0b98b9904fc693266bdeb", "content": "**CVE-2026-49494 \u2013 Comodo Inspect.sys IPv6 Integer Underflow**\n\nComodo\u2019s firewall driver (Inspect.sys) performs an unsigned subtraction of IPv6 extension\u2011header lengths from a 64\u2011bit payload length without bounds checking. This can underflow, yielding a very large value processed before rule enforcement. An attacker can send a single crafted IPv6 packet to any protected Windows system, causing out\u2011of\u2011bounds reads and a massive memcpy at DISPATCH_LEVEL, which crashes the OS (BSOD). The flaw is remote\u2011able, requires no authentication, and is rated **8.7\u202fHigh**. Published\u202fJuly\u202f7\u202f2026.", "creation_timestamp": "2026-06-07T16:00:13.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/cd2e06a5-a50d-4ecf-97d1-29da3a3f9478/export"/>
    <published>2026-06-07T16:00:13+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/938909ef-4459-4144-967b-e5b39e010f21/export</id>
    <title>938909ef-4459-4144-967b-e5b39e010f21</title>
    <updated>2026-07-13T20:47:33.173109+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "938909ef-4459-4144-967b-e5b39e010f21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49494", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnpdbilyb72g", "content": "\ud83d\udfe0 CVE-2026-49494 - High (7.5)\n\nComodo Internet Security's firewall driver Inspect.sys contains an integer underflow in its IPv6 ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-49494/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-07T13:59:55.370360Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/938909ef-4459-4144-967b-e5b39e010f21/export"/>
    <published>2026-06-07T13:59:55.370360+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e32e60ee-7a4a-401b-941d-7202c930094c/export</id>
    <title>e32e60ee-7a4a-401b-941d-7202c930094c</title>
    <updated>2026-07-13T20:47:33.173209+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e32e60ee-7a4a-401b-941d-7202c930094c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49494", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mnpbhy7awi2h", "content": "Comodo Internet Security\u306eInspect.sys\u306b\u6574\u6570\u30a2\u30f3\u30c0\u30fc\u30d5\u30ed\u30fc\u306e\u8106\u5f31\u6027\u304c\u3042\u308a\u3001\u30ea\u30e2\u30fc\u30c8\u653b\u6483\u8005\u304c\u7d30\u5de5\u3057\u305fIPv6\u30d1\u30b1\u30c3\u30c8\u3092\u9001\u4fe1\u3059\u308b\u3068\u3001\u30b7\u30b9\u30c6\u30e0\u304c\u30af\u30e9\u30c3\u30b7\u30e5\u3059\u308b\u53ef\u80fd\u6027\u304c\u3042\u308b\u3002\nCVE-2026-49494 CVSS 7.5 | HIGH", "creation_timestamp": "2026-06-07T13:27:45.074110Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e32e60ee-7a4a-401b-941d-7202c930094c/export"/>
    <published>2026-06-07T13:27:45.074110+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b4006e78-b775-40c1-9d80-08ca4ab0d977/export</id>
    <title>b4006e78-b775-40c1-9d80-08ca4ab0d977</title>
    <updated>2026-07-13T20:47:33.173307+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b4006e78-b775-40c1-9d80-08ca4ab0d977", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49494", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116709041826843316", "content": "There is a new vulnerability with elevated criticality in Comodo Internet Security (CVE-2026-49494) https://vuldb.com/vuln/369116", "creation_timestamp": "2026-06-07T13:24:19.280339Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b4006e78-b775-40c1-9d80-08ca4ab0d977/export"/>
    <published>2026-06-07T13:24:19.280339+00:00</published>
  </entry>
</feed>
