<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-03T03:12:33.959823+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3d9f205b-35f9-40b2-b05f-34a25dba12f2/export</id>
    <title>3d9f205b-35f9-40b2-b05f-34a25dba12f2</title>
    <updated>2026-07-03T03:12:33.977691+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3d9f205b-35f9-40b2-b05f-34a25dba12f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53753", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mphxtq4qwp26", "content": "\ud83d\udccc CVE-2026-53753 - Crawl4AI is an open-source LLM friendly web crawler &amp;amp; scraper. Prior to 0.8.7, the _safe_eval_expression() function in the computed fields feature use... https://www.cyberhub.blog/cves/CVE-2026-53753", "creation_timestamp": "2026-06-30T02:37:06.472066Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3d9f205b-35f9-40b2-b05f-34a25dba12f2/export"/>
    <published>2026-06-30T02:37:06.472066+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/43dd879a-c766-4e30-af0b-effb5f525d82/export</id>
    <title>43dd879a-c766-4e30-af0b-effb5f525d82</title>
    <updated>2026-07-03T03:12:33.979363+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "43dd879a-c766-4e30-af0b-effb5f525d82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53754", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpgz6gfybv2t", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-53754 \u0432 Crawl4AI: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/B21BDC51-A58A-4C2E-A840-A1B19E502B47", "creation_timestamp": "2026-06-29T17:28:19.755760Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/43dd879a-c766-4e30-af0b-effb5f525d82/export"/>
    <published>2026-06-29T17:28:19.755760+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/fc8edc10-8f1d-42a2-9c5a-cfeab2656163/export</id>
    <title>fc8edc10-8f1d-42a2-9c5a-cfeab2656163</title>
    <updated>2026-07-03T03:12:33.979484+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "fc8edc10-8f1d-42a2-9c5a-cfeab2656163", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53753", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpgz5ox46z22", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-53753 \u0432 Crawl4AI: \u0447\u0442\u043e \u043d\u0443\u0436\u043d\u043e \u0437\u043d\u0430\u0442\u044c \u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u0435\u0431-\u043a\u0440\u0430\u0443\u043b\u0435\u0440\u0430\n\n\n\nhttps://kripta.biz/posts/DAEF5562-A78C-412C-B504-C4BE830CE910", "creation_timestamp": "2026-06-29T17:27:55.408038Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/fc8edc10-8f1d-42a2-9c5a-cfeab2656163/export"/>
    <published>2026-06-29T17:27:55.408038+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/dd3d8166-6891-494a-82b2-266f592c6e83/export</id>
    <title>dd3d8166-6891-494a-82b2-266f592c6e83</title>
    <updated>2026-07-03T03:12:33.979584+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "dd3d8166-6891-494a-82b2-266f592c6e83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53755", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpgy67tahd25", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-53755 \u0432 Crawl4AI: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/D3E6A8A6-DB56-4FB6-928A-FD03A2538488", "creation_timestamp": "2026-06-29T17:10:20.071275Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/dd3d8166-6891-494a-82b2-266f592c6e83/export"/>
    <published>2026-06-29T17:10:20.071275+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/9dc4adb1-d0a2-45bc-b264-7eab1a07bc6f/export</id>
    <title>9dc4adb1-d0a2-45bc-b264-7eab1a07bc6f</title>
    <updated>2026-07-03T03:12:33.979668+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "9dc4adb1-d0a2-45bc-b264-7eab1a07bc6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53755", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mozl33izwg2j", "content": "CVE-2026-53755 - SSRF in Crawl4ai Docker API. Proxy bypass allows access to internal services &amp;amp; cloud metadata. CVSS 8.6. No patch available. Disable Docker API or restrict network access immediately. #CVE #infosec #Crawl4ai\n\nhttps://www.valtersit.com/cve/CVE-2026-53755/", "creation_timestamp": "2026-06-24T09:11:18.507399Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/9dc4adb1-d0a2-45bc-b264-7eab1a07bc6f/export"/>
    <published>2026-06-24T09:11:18.507399+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bcf80942-0b42-4a09-a34e-c5e61e4fda15/export</id>
    <title>bcf80942-0b42-4a09-a34e-c5e61e4fda15</title>
    <updated>2026-07-03T03:12:33.979754+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "bcf80942-0b42-4a09-a34e-c5e61e4fda15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-53753", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116802494595378111", "content": "CVE-2026-53753: CRITICAL code injection in unclecode crawl4ai (&amp;lt;0.8.7). Unauthenticated RCE via /crawl POST request due to insufficient AST validation. Patch to 0.8.7 ASAP. https://radar.offseq.com/threat/cve-2026-53753-cwe-94-improper-control-of-generati-9d9fc678b9a0404e #OffSeq #CVE202653753 #infosec #vuln", "creation_timestamp": "2026-06-24T01:30:29.542970Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bcf80942-0b42-4a09-a34e-c5e61e4fda15/export"/>
    <published>2026-06-24T01:30:29.542970+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3d64bbe1-3052-4083-ae98-5e81da6040f4/export</id>
    <title>3d64bbe1-3052-4083-ae98-5e81da6040f4</title>
    <updated>2026-07-03T03:12:33.979839+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3d64bbe1-3052-4083-ae98-5e81da6040f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53755", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moycht3map2r", "content": "CVE-2026-53755 - Crawl4AI: SSRF via proxy settings in the Docker server bypasses the crawl-URL SSRF check\nCVE ID : CVE-2026-53755\n \n Published : June 23, 2026, 6:15 p.m. | 1\u00a0hour, 28\u00a0minutes ago\n \n Description : Crawl4AI is an open-source LLM friendly web crawler &amp;amp; scraper...", "creation_timestamp": "2026-06-23T21:04:42.204145Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3d64bbe1-3052-4083-ae98-5e81da6040f4/export"/>
    <published>2026-06-23T21:04:42.204145+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/db84f653-4af1-41aa-a8ae-43d12fffd898/export</id>
    <title>db84f653-4af1-41aa-a8ae-43d12fffd898</title>
    <updated>2026-07-03T03:12:33.979922+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "db84f653-4af1-41aa-a8ae-43d12fffd898", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53753", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moyb32agwx26", "content": "CVE-2026-53753 - Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain - Pre-Auth RCE in Docker API\nCVE ID : CVE-2026-53753\n \n Published : June 23, 2026, 6:17 p.m. | 1\u00a0hour, 26\u00a0minutes ago\n \n Description : Crawl4AI is an open-source LLM friendly web crawler &amp;amp; scraper. Pri...", "creation_timestamp": "2026-06-23T20:39:39.938954Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/db84f653-4af1-41aa-a8ae-43d12fffd898/export"/>
    <published>2026-06-23T20:39:39.938954+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/4a1cc079-31c1-442c-b5cc-0dee8b8eafec/export</id>
    <title>4a1cc079-31c1-442c-b5cc-0dee8b8eafec</title>
    <updated>2026-07-03T03:12:33.980009+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "4a1cc079-31c1-442c-b5cc-0dee8b8eafec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53754", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moy7md5vu525", "content": "CVE-2026-53754 - Crawl4AI: SSRF filter bypass in Docker server via IPv6 transition forms (NAT64 / 6to4 / unspecified / v4-mapped)\nCVE ID : CVE-2026-53754\n \n Published : June 23, 2026, 6:16 p.m. | 1\u00a0hour, 27\u00a0minutes ago\n \n Description : Crawl4AI is an open-source LLM friendly w...", "creation_timestamp": "2026-06-23T20:13:32.032973Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/4a1cc079-31c1-442c-b5cc-0dee8b8eafec/export"/>
    <published>2026-06-23T20:13:32.032973+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/49dedc82-7b7b-4d28-9359-245850227701/export</id>
    <title>49dedc82-7b7b-4d28-9359-245850227701</title>
    <updated>2026-07-03T03:12:33.980096+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "49dedc82-7b7b-4d28-9359-245850227701", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-53755", "type": "published-proof-of-concept", "source": "https://github.com/unclecode/crawl4ai/security/advisories/GHSA-6qhc-x826-342c", "content": "", "creation_timestamp": "2026-06-04T08:37:00.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/49dedc82-7b7b-4d28-9359-245850227701/export"/>
    <published>2026-06-04T08:37:00+00:00</published>
  </entry>
</feed>
