<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-17T01:55:11.398982+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/1aaedd94-f3e1-4013-979f-eb375fb059ba/export</id>
    <title>1aaedd94-f3e1-4013-979f-eb375fb059ba</title>
    <updated>2026-07-17T01:55:11.420599+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "1aaedd94-f3e1-4013-979f-eb375fb059ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-51540", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqmqbggzbk24", "content": "CVE-2026-51540\nThe OpENer messaging software is at risk of a critical memory corruption issue when handling certain types of messages. This could lead to unexpected crashes or data loss. Update to the latest version to\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-14T17:30:06.419030Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/1aaedd94-f3e1-4013-979f-eb375fb059ba/export"/>
    <published>2026-07-14T17:30:06.419030+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/68a7db92-9d34-4663-a6ae-3b5bdd9b3a2e/export</id>
    <title>68a7db92-9d34-4663-a6ae-3b5bdd9b3a2e</title>
    <updated>2026-07-17T01:55:11.423799+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "68a7db92-9d34-4663-a6ae-3b5bdd9b3a2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-51541", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqmh7pt3tu2q", "content": "CVE-2026-51541\nOpENer, a software used for industrial automation, is at risk of data loss when receiving a specially crafted message from an attacker. This could disrupt communication between devices and impact business\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-14T14:48:05.438132Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/68a7db92-9d34-4663-a6ae-3b5bdd9b3a2e/export"/>
    <published>2026-07-14T14:48:05.438132+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7ad64094-7c1a-4903-9d0d-bca940abd4dd/export</id>
    <title>7ad64094-7c1a-4903-9d0d-bca940abd4dd</title>
    <updated>2026-07-17T01:55:11.423949+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "7ad64094-7c1a-4903-9d0d-bca940abd4dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-51541", "type": "seen", "source": "https://gist.github.com/MrAlaskan/705c680856e48c535148265c0899ad4b", "content": "# Security Advisory: CVE-2026-51541\n\n## Vulnerability Information\n* **CVE ID:** CVE-2026-51541\n* **Vendor:** EIPStackGroup\n* **Product:** OpENer (Version 2.3.0)\n* **Vulnerability Type:** CWE-125: Out-of-bounds Read\n* **Attack Type:** Remote, Unauthenticated\n* **Impact:** Denial of Service (DoS)\n\n## Description\nAn out-of-bounds read vulnerability exists in the CIP explicit message parsing logic of OpENer 2.3.0. A remotely crafted malformed CIP request may cause the EPATH decoder to read beyond the valid receive buffer, leading to a Denial of Service condition.\n\n## Affected Component\nThe vulnerability affects the CIP explicit message parsing path, including `source/src/cip/cipcommon.c` and `source/src/cip/cipmessagerouter.c`, specifically the `DecodePaddedEPath` and `CreateMessageRouterRequestStructure` functions.\n\n## Attack Vectors\nAn unauthenticated, remote attacker with network access to the target OpENer instance can exploit this vulnerability by connecting to the EtherNet/IP TCP port, typically TCP/44818, and completing session registration.\n\nThe attacker can then send a crafted `SendRRData` request containing a malformed CIP explicit message with inconsistent path length information. Due to insufficient validation of the remaining input length during EPATH decoding, the parser may read beyond the valid receive buffer.\n\nSuccessful exploitation can crash the OpENer process and deny service to legitimate industrial communication clients.\n\n## References\n* GitHub Issue: https://github.com/EIPStackGroup/OpENer/issues/582", "creation_timestamp": "2026-07-09T03:44:40.481247Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7ad64094-7c1a-4903-9d0d-bca940abd4dd/export"/>
    <published>2026-07-09T03:44:40.481247+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/66df8721-bae8-4af4-9187-ede53bf21d27/export</id>
    <title>66df8721-bae8-4af4-9187-ede53bf21d27</title>
    <updated>2026-07-17T01:55:11.424066+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "66df8721-bae8-4af4-9187-ede53bf21d27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-51540", "type": "seen", "source": "https://gist.github.com/MrAlaskan/5e0c2af7f4a1d188814c7fa8f812c8da", "content": "# Security Advisory: CVE-2026-51540\n\n## Vulnerability Information\n* **CVE ID:** CVE-2026-51540\n* **Vendor:** EIPStackGroup\n* **Product:** OpENer (Version 2.3.0, commit 76b95cf)\n* **Vulnerability Type:** CWE-191: Integer Underflow; CWE-125: Out-of-bounds Read\n* **Attack Type:** Remote, Unauthenticated\n* **Impact:** Denial of Service (DoS); Potential Code Execution\n\n## Description\nA memory corruption vulnerability exists in the handling of connected explicit messages in OpENer 2.3.0. A remotely crafted `SendUnitData` request may trigger an integer underflow during message length processing, causing invalid length handling and out-of-bounds memory access.\n\n## Affected Component\nThe vulnerability affects connected message parsing and EPATH decoding logic, including `source/src/enet_encap/cpf.c`, `source/src/cip/cipmessagerouter.c`, and `source/src/cip/cipcommon.c`, specifically the `NotifyConnectedCommonPacketFormat`, `CreateMessageRouterRequestStructure`, and `DecodePaddedEPath` functions.\n\n## Attack Vectors\nAn unauthenticated, remote attacker with network access to the target OpENer instance can exploit this vulnerability by connecting to the EtherNet/IP TCP port, typically TCP/44818, registering a session, and establishing a standard CIP connection.\n\nThe attacker can then send a crafted `SendUnitData` request containing malformed length and path fields. Due to insufficient validation of connected message length values, the crafted request may cause an integer underflow and allow invalid data to reach the EPATH decoding logic.\n\nSuccessful exploitation can crash the OpENer process, resulting in a Denial of Service condition. Depending on the runtime environment and memory layout, further impact may be possible.\n\n## References\n* Project: https://github.com/EIPStackGroup/OpENer\n* GitHub Issue: https://github.com/EIPStackGroup/OpENer/issues/568", "creation_timestamp": "2026-07-09T03:43:26.325062Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/66df8721-bae8-4af4-9187-ede53bf21d27/export"/>
    <published>2026-07-09T03:43:26.325062+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/dd9f37fa-4fe3-4b25-9d4c-c98d8c6e03f8/export</id>
    <title>dd9f37fa-4fe3-4b25-9d4c-c98d8c6e03f8</title>
    <updated>2026-07-17T01:55:11.424176+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "dd9f37fa-4fe3-4b25-9d4c-c98d8c6e03f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5154", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mkreaqbw3s25", "content": "\ud83d\udccc CVE-2026-5154 - A vulnerability has been found in Tenda CH22 1.0.0.1/1.If. The impacted element is the function fromSetCfm of the file /goform/setcfm of the component... https://www.cyberhub.blog/cves/CVE-2026-5154", "creation_timestamp": "2026-05-01T05:07:07.412263Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/dd9f37fa-4fe3-4b25-9d4c-c98d8c6e03f8/export"/>
    <published>2026-05-01T05:07:07.412263+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6ae5cce2-e05a-4f99-96f0-af5debc92d4c/export</id>
    <title>6ae5cce2-e05a-4f99-96f0-af5debc92d4c</title>
    <updated>2026-07-17T01:55:11.424279+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6ae5cce2-e05a-4f99-96f0-af5debc92d4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5154", "type": "published-proof-of-concept", "source": "Telegram/BTKLtj-k8mr85u8APet4JWB7IXQUJMvyBZkl_BjpM3LulPU", "content": "", "creation_timestamp": "2026-03-31T01:16:25.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6ae5cce2-e05a-4f99-96f0-af5debc92d4c/export"/>
    <published>2026-03-31T01:16:25+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ed048b18-d1c3-4563-9cb2-42a8b518a02e/export</id>
    <title>ed048b18-d1c3-4563-9cb2-42a8b518a02e</title>
    <updated>2026-07-17T01:55:11.424374+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ed048b18-d1c3-4563-9cb2-42a8b518a02e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5154", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3micwuxxml72q", "content": "", "creation_timestamp": "2026-03-31T00:40:14.365260Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ed048b18-d1c3-4563-9cb2-42a8b518a02e/export"/>
    <published>2026-03-31T00:40:14.365260+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/9b738414-bbc7-4f1f-ba94-c1a05c14e363/export</id>
    <title>9b738414-bbc7-4f1f-ba94-c1a05c14e363</title>
    <updated>2026-07-17T01:55:11.424465+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "9b738414-bbc7-4f1f-ba94-c1a05c14e363", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5154", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116318483680166062", "content": "", "creation_timestamp": "2026-03-30T14:00:11.672180Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/9b738414-bbc7-4f1f-ba94-c1a05c14e363/export"/>
    <published>2026-03-30T14:00:11.672180+00:00</published>
  </entry>
</feed>
