<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-14T02:28:38.204111+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/4a755f88-169c-471a-a31b-2d6ae80022ed/export</id>
    <title>4a755f88-169c-471a-a31b-2d6ae80022ed</title>
    <updated>2026-07-14T02:28:38.229571+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "4a755f88-169c-471a-a31b-2d6ae80022ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://t.me/GithubRedTeam/89493", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-54420-LiteSpeed-Symlink-Exploit\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a fevar54\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-18 15:24:37\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nA vulnerability in LiteSpeed cPanel Plugin before 2.4.8 and WHM Plugin before 5.3.2.0 mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-14T00:00:39.624908Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/4a755f88-169c-471a-a31b-2d6ae80022ed/export"/>
    <published>2026-07-14T00:00:39.624908+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6fa2f507-ef44-45a2-8c61-77d7f3b81b2b/export</id>
    <title>6fa2f507-ef44-45a2-8c61-77d7f3b81b2b</title>
    <updated>2026-07-14T02:28:38.231606+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6fa2f507-ef44-45a2-8c61-77d7f3b81b2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54424", "type": "seen", "source": "https://t.me/GithubRedTeam/91664", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-54424\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a tomadimitrie\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C++\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-02 22:17:37\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nExploiting Parsec for Windows to gain SYSTEM privileges\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-14T00:00:21.914096Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6fa2f507-ef44-45a2-8c61-77d7f3b81b2b/export"/>
    <published>2026-07-14T00:00:21.914096+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c0de7da5-c98c-444d-a13d-3b0de1121bb0/export</id>
    <title>c0de7da5-c98c-444d-a13d-3b0de1121bb0</title>
    <updated>2026-07-14T02:28:38.231740+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c0de7da5-c98c-444d-a13d-3b0de1121bb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://t.me/BleepingComputer/24911", "content": "\u200aCISA warns of another cPanel plugin flaw exploited in attacks\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. government agencies three days to secure their servers against an actively exploited vulnerability (CVE-2026-54420) in the LiteSpeed cPanel user-end plugin. [...]\n\nhttps://www.bleepingcomputer.com/news/security/cisa-warns-of-another-actively-exploited-cpanel-plugin-flaw/", "creation_timestamp": "2026-07-14T00:00:06.843304Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c0de7da5-c98c-444d-a13d-3b0de1121bb0/export"/>
    <published>2026-07-14T00:00:06.843304+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d8c3db65-a3f2-4892-ba89-d55fb59f04cc/export</id>
    <title>d8c3db65-a3f2-4892-ba89-d55fb59f04cc</title>
    <updated>2026-07-14T02:28:38.231846+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d8c3db65-a3f2-4892-ba89-d55fb59f04cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://t.me/GithubRedTeam/89493", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-54420-LiteSpeed-Symlink-Exploit\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a fevar54\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-18 15:24:37\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nA vulnerability in LiteSpeed cPanel Plugin before 2.4.8 and WHM Plugin before 5.3.2.0 mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-13T22:00:23.830182Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d8c3db65-a3f2-4892-ba89-d55fb59f04cc/export"/>
    <published>2026-07-13T22:00:23.830182+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/fad89e7a-0525-46f7-b8f2-f132827dbe05/export</id>
    <title>fad89e7a-0525-46f7-b8f2-f132827dbe05</title>
    <updated>2026-07-14T02:28:38.231943+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "fad89e7a-0525-46f7-b8f2-f132827dbe05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54424", "type": "seen", "source": "https://t.me/GithubRedTeam/91664", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-54424\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a tomadimitrie\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C++\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-02 22:17:37\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nExploiting Parsec for Windows to gain SYSTEM privileges\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-13T22:00:14.024673Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/fad89e7a-0525-46f7-b8f2-f132827dbe05/export"/>
    <published>2026-07-13T22:00:14.024673+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3a58a093-6ffe-4917-866f-bd240735e595/export</id>
    <title>3a58a093-6ffe-4917-866f-bd240735e595</title>
    <updated>2026-07-14T02:28:38.232043+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3a58a093-6ffe-4917-866f-bd240735e595", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mqfwicayb22i", "content": "CISA\u306f\u3001\u653b\u6483\u306b\u60aa\u7528\u3055\u308c\u305f\u5225\u306ecPanel\u30d7\u30e9\u30b0\u30a4\u30f3\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\u8b66\u544a\u3092\u767a\u3057\u305f\u3002\n\n\u7c73\u56fd\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09\u306f\u3001LiteSpeed cPanel\u306e\u30e6\u30fc\u30b6\u30fc\u30a8\u30f3\u30c9\u30d7\u30e9\u30b0\u30a4\u30f3\u306b\u5b58\u5728\u3059\u308b\u3001\u73fe\u5728\u60aa\u7528\u3055\u308c\u3066\u3044\u308b\u8106\u5f31\u6027\uff08CVE-2026-54420\uff09\u304b\u3089\u30b5\u30fc\u30d0\u30fc\u3092\u4fdd\u8b77\u3059\u308b\u305f\u3081\u3001\u7c73\u56fd\u653f\u5e9c\u6a5f\u95a2\u306b3\u65e5\u9593\u306e\u7336\u4e88\u3092\u4e0e\u3048\u305f\u3002\n\nCVE-2026-48172\u3068\u3057\u3066\u8ffd\u8de1\u3055\u308c\u3066\u3044\u308b\u3053\u306e\u91cd\u5927\u306a\u8106\u5f31\u6027\u306f\u3001Namecheap\u306b\u3088\u3063\u3066\u5831\u544a\u3055\u308c\u3001FTP\u307e\u305f\u306fWeb\u30b7\u30a7\u30eb\u3078\u306e\u30a2\u30af\u30bb\u30b9\u6a29\u3092\u6301\u3064\u653b\u6483\u8005\u304c\u3001CloudLinux/CageFS\u3092\u5b9f\u884c\u3057\u3066\u3044\u308b\u5171\u6709\u30db\u30b9\u30c6\u30a3\u30f3\u30b0\u30b5\u30fc\u30d0\u30fc\u4e0a\u3067r...", "creation_timestamp": "2026-07-12T00:32:44.918768Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3a58a093-6ffe-4917-866f-bd240735e595/export"/>
    <published>2026-07-12T00:32:44.918768+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ee7fd9d6-82c9-46fa-9157-74f2d79f9411/export</id>
    <title>ee7fd9d6-82c9-46fa-9157-74f2d79f9411</title>
    <updated>2026-07-14T02:28:38.232146+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ee7fd9d6-82c9-46fa-9157-74f2d79f9411", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mqftyyvhgc2i", "content": "\u8106\u5f31\u6027\u306e\u60aa\u7528\u30ab\u30bf\u30ed\u30b0\u306b2\u4ef6\u3092\u3042\u3089\u305f\u306b\u8ffd\u52a0 - \u7c73\u5f53\u5c40\n\n\u7c73\u5f53\u5c40\u306f\u3001\u30db\u30b9\u30c6\u30a3\u30f3\u30b0\u74b0\u5883\u5411\u3051\u30d7\u30e9\u30b0\u30a4\u30f3\u3084Cisco\u306eSD-WAN\u7ba1\u7406\u88fd\u54c1\u306b\u5224\u660e\u3057\u305f\u8106\u5f31\u6027\u304c\u60aa\u7528\u3055\u308c\u3066\u3044\u308b\u3068\u3057\u3066\u6ce8\u610f\u559a\u8d77\u3092\u884c\u3063\u305f\u3002\n\n\u7c73\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09\u306f\u73fe\u5730\u6642\u95932026\u5e746\u670815\u65e5\u3001\u300c\u60aa\u7528\u304c\u78ba\u8a8d\u3055\u308c\u305f\u8106\u5f31\u6027\u30ab\u30bf\u30ed\u30b0\uff08KEV\uff09\u300d\u30782\u4ef6\u306e\u8106\u5f31\u6027\u300cCVE-2026-54420\u300d\u300cCVE-2026-20262\u300d\u3092\u8ffd\u52a0\u3057\u305f\u3002\n\n\u300cCVE-2026-54420\u300d\u306f\u3001\u300cLiteSpeed Web Server\u300d\u306e\u5229\u7528\u8005\u5411\u3051\u306b\u63d0\u4f9b\u3055\u308c\u3066\u3044\u308b\u300cLiteSpeed cPanel Plugin\u300d\u306b\u660e\u3089\u304b...", "creation_timestamp": "2026-07-11T23:48:21.207330Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ee7fd9d6-82c9-46fa-9157-74f2d79f9411/export"/>
    <published>2026-07-11T23:48:21.207330+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c9b214cb-a20d-43b6-8fbb-8c8b5dbd2fed/export</id>
    <title>c9b214cb-a20d-43b6-8fbb-8c8b5dbd2fed</title>
    <updated>2026-07-14T02:28:38.232241+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c9b214cb-a20d-43b6-8fbb-8c8b5dbd2fed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mqft5zacqs2i", "content": "\u300cLiteSpeed cPanel Plugin\u300d\u306b\u6a29\u9650\u6607\u683c\u306e\u8106\u5f31\u6027 - \u3059\u3067\u306b\u60aa\u7528\u3082\n\n\u300cLiteSpeed Web Server\u300d\u5229\u7528\u8005\u5411\u3051\u306e\u30d7\u30e9\u30b0\u30a4\u30f3\u300cLiteSpeed cPanel Plugin\u300d\u306b\u3042\u3089\u305f\u306a\u8106\u5f31\u6027\u304c\u660e\u3089\u304b\u3068\u306a\u3063\u305f\u30025\u6708\u306b\u5224\u660e\u3057\u305f\u8106\u5f31\u6027\u3068\u306f\u7570\u306a\u308b\u8106\u5f31\u6027\u3067\u3001\u60aa\u7528\u3082\u78ba\u8a8d\u3055\u308c\u3066\u3044\u308b\u3002\n\n\u30b7\u30f3\u30dc\u30ea\u30c3\u30af\u30ea\u30f3\u30af\u306e\u51e6\u7406\u306b\u8d77\u56e0\u3057\u3001root\u6a29\u9650\u3078\u306e\u6607\u683c\u304c\u53ef\u80fd\u3068\u306a\u308b\u8106\u5f31\u6027\u300cCVE-2026-54420\u300d\u304c\u660e\u3089\u304b\u3068\u306a\u3063\u305f\u3082\u306e\u3002FTP\u3084\u30a6\u30a7\u30d6\u30b7\u30a7\u30eb\u306e\u30a2\u30af\u30bb\u30b9\u6a29\u9650\u3092\u6301\u3064\u5834\u5408\u306b\u60aa\u7528\u304c\u53ef\u80fd\u3067\u3001\u300cCloudLinux\u300d\u3068\u300cCageFS\u300d\u3092\u5229\u7528\u3059\u308b\u5171\u6709\u30db\u30b9\u30c6\u30a3\u30f3\u30b0\u30b5\u30fc\u30d0\u3067\u5f71\u97ff\u3092\u53d7\u3051\u308b\u3068\u3044\u3046\u3002", "creation_timestamp": "2026-07-11T23:33:14.712067Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c9b214cb-a20d-43b6-8fbb-8c8b5dbd2fed/export"/>
    <published>2026-07-11T23:33:14.712067+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/5f724d0c-faf2-4e0e-83f8-a4f0bf65507b/export</id>
    <title>5f724d0c-faf2-4e0e-83f8-a4f0bf65507b</title>
    <updated>2026-07-14T02:28:38.232333+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "5f724d0c-faf2-4e0e-83f8-a4f0bf65507b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mqfsyi6xqc2i", "content": "CISA Adds Two Known Exploited Vulnerabilities to Catalog\nRelease Date June 15, 2026\n\nCVE-2026-20262 Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability\nCVE-2026-54420 LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability", "creation_timestamp": "2026-07-11T23:30:09.491925Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/5f724d0c-faf2-4e0e-83f8-a4f0bf65507b/export"/>
    <published>2026-07-11T23:30:09.491925+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d9e021f9-5754-4a18-8cb1-5dd1ec311101/export</id>
    <title>d9e021f9-5754-4a18-8cb1-5dd1ec311101</title>
    <updated>2026-07-14T02:28:38.232427+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d9e021f9-5754-4a18-8cb1-5dd1ec311101", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54423", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdfyao3qs2x", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-54423 \u0432 OpenStack Ironic: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/B352A32E-37DA-40B9-95CC-F428B4315992", "creation_timestamp": "2026-07-11T00:32:03.535020Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d9e021f9-5754-4a18-8cb1-5dd1ec311101/export"/>
    <published>2026-07-11T00:32:03.535020+00:00</published>
  </entry>
</feed>
