<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-19T15:36:13.431161+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7a01ce37-5383-4f01-a352-fd7898910edc/export</id>
    <title>7a01ce37-5383-4f01-a352-fd7898910edc</title>
    <updated>2026-07-19T15:36:13.454056+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "7a01ce37-5383-4f01-a352-fd7898910edc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50628", "type": "seen", "source": "https://bsky.app/profile/vulny-app.bsky.social/post/3mqng6a55dz2o", "content": "A critical-severity fix just shipped for Apache Cxf. If your stack uses it, patch to the fixed release soon. Quietly closes the gap before anyone goes looking. CVE-2026-50628", "creation_timestamp": "2026-07-15T00:02:01.822109Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7a01ce37-5383-4f01-a352-fd7898910edc/export"/>
    <published>2026-07-15T00:02:01.822109+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bd0c9a71-fdc8-41ec-a1cd-ccaae7dce911/export</id>
    <title>bd0c9a71-fdc8-41ec-a1cd-ccaae7dce911</title>
    <updated>2026-07-19T15:36:13.456623+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "bd0c9a71-fdc8-41ec-a1cd-ccaae7dce911", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50628", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3moduzgn7pc2o", "content": "\ud83d\udea8 CRITICAL ALERT: CVE-2026-50628\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nA logic error in OAuthRequestFilter rejects legitimate requests originating from the bound IP address, while blindly allowing requests from any other IP address. Enabling this\n\nsecurity feature inadvertently creates an inverse security che", "creation_timestamp": "2026-06-15T18:10:45.933209Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bd0c9a71-fdc8-41ec-a1cd-ccaae7dce911/export"/>
    <published>2026-06-15T18:10:45.933209+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d161afe7-1171-421a-a0bd-3889f72df2a2/export</id>
    <title>d161afe7-1171-421a-a0bd-3889f72df2a2</title>
    <updated>2026-07-19T15:36:13.456716+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d161afe7-1171-421a-a0bd-3889f72df2a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50628", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mnzt3n3bgh2t", "content": "CVE-2026-50628: Apache CXF: OAuth2: Inverted IP Binding Check Defeats Security Control", "creation_timestamp": "2026-06-11T18:09:35.218074Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d161afe7-1171-421a-a0bd-3889f72df2a2/export"/>
    <published>2026-06-11T18:09:35.218074+00:00</published>
  </entry>
</feed>
