<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-15T08:54:46.085786+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/921282e6-512d-479f-b9cb-bbd9bdb955b4/export</id>
    <title>921282e6-512d-479f-b9cb-bbd9bdb955b4</title>
    <updated>2026-07-15T08:54:46.116266+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "921282e6-512d-479f-b9cb-bbd9bdb955b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "published-proof-of-concept", "source": "https://t.me/bhhub/1203", "content": "Weekly 8 AI &amp;amp; Cyber signals to act on (Jul 11\u201313, 2026)\n\n#AISecurity@bhhub\n\n\u2728 GitLost turns a public GitHub issue into private-repo exfiltration\nNoma reproduced an unauthenticated prompt injection against a GitHub Agentic Workflow with cross-repository read access: the agent fetched a private README and posted it into a public issue. The PoC is configuration-dependent, but the control is clear\u2014untrusted issue text, broad agent permissions, and public write-back must not share one trust boundary.\n\n\u2728 Invisible Unicode defeats MCP\u2019s one-time approval view\nA real-protocol study tested eight metadata payloads across three MCP server libraries. All eight reached model context, none triggered re-approval, and Unicode TAG characters alone stayed invisible to the reviewer; all 32 cross-library cells agreed. The authors released a harness and fail-closed verifier, though independent replication is pending.\n\n\u2728 Update: Langflow cross-tenant flow execution is now in CISA KEV\nCISA added CVE-2026-55255 to KEV on July 7 after evidence of active exploitation. The authenticated IDOR lets an attacker execute another user\u2019s flow by supplying its ID; GitHub scores it 9.9 and Langflow fixed it in 1.9.1. This is a new exploitation-status event, not a replay of the June disclosure.\n\n#AppSec@bhhub\n\n\u2728 GhostLock turns a 15-year Linux stack UAF into root\nNebula Security published a kernelCTF exploit for CVE-2026-43499: regular futex PI syscalls create a dangling stack pointer, then a control-flow pivot yields privilege escalation or container escape. The researchers report 97% reliability and a $92,337 reward; unpatched kernels carrying the affected path need the upstream fix.\n\n\u2728 Browser wallets leak links between addresses, sites, and identities\nA PoPETs-accepted measurement of 85 Chrome wallets representing 35.16 million users formalizes five privacy threats. Routine RPC calls linked addresses, most Ethereum wallets kept exposing revoked addresses, and provider injection into cross-origin iframes enabled passive cross-site tracking\u2014evidence that wallet privacy needs protocol-level, not merely UI-level, controls.\n\n\u2728 SolSmith found 25 Solidity compiler miscompilations\nThree years of semantics-aware differential fuzzing uncovered 25 previously missed compiler bugs, some latent for years, then classified their root causes and user impact. Because immutable smart-contract behavior depends on compiler correctness, the result argues for continuously testing optimization passes with valid, adversarially generated programs; the paper does not quantify deployed-contract exposure.\n\n#RedTeam@bhhub\n\n\u2728 Bit2Watt weaponizes legal GPU workloads against power infrastructure\nThe CHES 2026 paper validates workload-driven power modulation with analysis, simulations, GPUs, and a grid-connected PV inverter. In its synchronized worst-case model, 1,000 GPUs on a 1-MW, 90%-DER system drove current THD to 46.8% and damping to \u22120.27; those grid-scale effects are simulated, but expose a cross-layer tenant threat normal telemetry may miss.\n\n#BlueTeam@bhhub\n\n\u2728 Internet-wide scans expose healthcare\u2019s plaintext attack surface\nThe Euro S&amp;amp;P study scanned DICOM, HL7, and FHIR across IPv4 and IPv6 and ran a nine-month honeypot. It found 2,841 services with authentication flaws, 94.4% of exposed endpoints without transport encryption, and 1,373 systems with known vulnerabilities up to CVSS 9.8, followed by coordinated disclosure\u2014clear priorities for segmentation, TLS, inventory, and remediation.", "creation_timestamp": "2026-07-15T00:00:25.126601Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/921282e6-512d-479f-b9cb-bbd9bdb955b4/export"/>
    <published>2026-07-15T00:00:25.126601+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f6ff533f-c0d7-44d4-b72d-b7a311afcd6a/export</id>
    <title>f6ff533f-c0d7-44d4-b72d-b7a311afcd6a</title>
    <updated>2026-07-15T08:54:46.119402+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f6ff533f-c0d7-44d4-b72d-b7a311afcd6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://t.me/bhhub/1203", "content": "Weekly 8 AI &amp;amp; Cyber signals to act on (Jul 11\u201313, 2026)\n\n#AISecurity@bhhub\n\n\u2728 GitLost turns a public GitHub issue into private-repo exfiltration\nNoma reproduced an unauthenticated prompt injection against a GitHub Agentic Workflow with cross-repository read access: the agent fetched a private README and posted it into a public issue. The PoC is configuration-dependent, but the control is clear\u2014untrusted issue text, broad agent permissions, and public write-back must not share one trust boundary.\n\n\u2728 Invisible Unicode defeats MCP\u2019s one-time approval view\nA real-protocol study tested eight metadata payloads across three MCP server libraries. All eight reached model context, none triggered re-approval, and Unicode TAG characters alone stayed invisible to the reviewer; all 32 cross-library cells agreed. The authors released a harness and fail-closed verifier, though independent replication is pending.\n\n\u2728 Update: Langflow cross-tenant flow execution is now in CISA KEV\nCISA added CVE-2026-55255 to KEV on July 7 after evidence of active exploitation. The authenticated IDOR lets an attacker execute another user\u2019s flow by supplying its ID; GitHub scores it 9.9 and Langflow fixed it in 1.9.1. This is a new exploitation-status event, not a replay of the June disclosure.\n\n#AppSec@bhhub\n\n\u2728 GhostLock turns a 15-year Linux stack UAF into root\nNebula Security published a kernelCTF exploit for CVE-2026-43499: regular futex PI syscalls create a dangling stack pointer, then a control-flow pivot yields privilege escalation or container escape. The researchers report 97% reliability and a $92,337 reward; unpatched kernels carrying the affected path need the upstream fix.\n\n\u2728 Browser wallets leak links between addresses, sites, and identities\nA PoPETs-accepted measurement of 85 Chrome wallets representing 35.16 million users formalizes five privacy threats. Routine RPC calls linked addresses, most Ethereum wallets kept exposing revoked addresses, and provider injection into cross-origin iframes enabled passive cross-site tracking\u2014evidence that wallet privacy needs protocol-level, not merely UI-level, controls.\n\n\u2728 SolSmith found 25 Solidity compiler miscompilations\nThree years of semantics-aware differential fuzzing uncovered 25 previously missed compiler bugs, some latent for years, then classified their root causes and user impact. Because immutable smart-contract behavior depends on compiler correctness, the result argues for continuously testing optimization passes with valid, adversarially generated programs; the paper does not quantify deployed-contract exposure.\n\n#RedTeam@bhhub\n\n\u2728 Bit2Watt weaponizes legal GPU workloads against power infrastructure\nThe CHES 2026 paper validates workload-driven power modulation with analysis, simulations, GPUs, and a grid-connected PV inverter. In its synchronized worst-case model, 1,000 GPUs on a 1-MW, 90%-DER system drove current THD to 46.8% and damping to \u22120.27; those grid-scale effects are simulated, but expose a cross-layer tenant threat normal telemetry may miss.\n\n#BlueTeam@bhhub\n\n\u2728 Internet-wide scans expose healthcare\u2019s plaintext attack surface\nThe Euro S&amp;amp;P study scanned DICOM, HL7, and FHIR across IPv4 and IPv6 and ran a nine-month honeypot. It found 2,841 services with authentication flaws, 94.4% of exposed endpoints without transport encryption, and 1,373 systems with known vulnerabilities up to CVSS 9.8, followed by coordinated disclosure\u2014clear priorities for segmentation, TLS, inventory, and remediation.", "creation_timestamp": "2026-07-14T12:00:05.175166Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f6ff533f-c0d7-44d4-b72d-b7a311afcd6a/export"/>
    <published>2026-07-14T12:00:05.175166+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a9cef5ad-0fb6-453a-84fc-68dfa787b4d9/export</id>
    <title>a9cef5ad-0fb6-453a-84fc-68dfa787b4d9</title>
    <updated>2026-07-15T08:54:46.119637+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a9cef5ad-0fb6-453a-84fc-68dfa787b4d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/billingsley.bsky.social/post/3mqm2iomfo32y", "content": "COGNOSCERE Tech Brief \u2014 2026-07-14\n\nCISA added CVE-2026-55255, an access-control flaw in the Langflow AI agent frame\n\nhttps://youtube.com/watch?v=_4LaJb-3eQ8\n\nhttps://www.cognoscerellc.com/news", "creation_timestamp": "2026-07-14T11:00:28.655752Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a9cef5ad-0fb6-453a-84fc-68dfa787b4d9/export"/>
    <published>2026-07-14T11:00:28.655752+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ac1667b5-2787-4952-9f35-311ead2c88a0/export</id>
    <title>ac1667b5-2787-4952-9f35-311ead2c88a0</title>
    <updated>2026-07-15T08:54:46.119782+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ac1667b5-2787-4952-9f35-311ead2c88a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/billingsley.bsky.social/post/3mqlrbrod6a2b", "content": "COGNOSCERE Tech Brief \u2014 2026-07-14\n\nCISA added CVE-2026-55255, an access-control flaw in the Langflow AI agent frame\n\nhttps://youtube.com/watch?v=fcw6VIlLFCE\n\nhttps://www.cognoscerellc.com/news", "creation_timestamp": "2026-07-14T08:15:39.848721Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ac1667b5-2787-4952-9f35-311ead2c88a0/export"/>
    <published>2026-07-14T08:15:39.848721+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/2b1fee98-8046-4b75-9291-4ab93cb28415/export</id>
    <title>2b1fee98-8046-4b75-9291-4ab93cb28415</title>
    <updated>2026-07-15T08:54:46.119918+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "2b1fee98-8046-4b75-9291-4ab93cb28415", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mqjngi26od2u", "content": "\ud83d\udd0d Top signals this week:\n\nCVEs: CVE-2026-48282, CVE-2026-50656, CVE-2026-55255, CVE-2026-20896, CVE-2026-53359\nActors: Ransomware, Apt, Play\n\nFull intel: https://matlock.ca/cybersecnews", "creation_timestamp": "2026-07-13T12:01:15.526110Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/2b1fee98-8046-4b75-9291-4ab93cb28415/export"/>
    <published>2026-07-13T12:01:15.526110+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/8edd9b97-2358-493e-9275-c65360338377/export</id>
    <title>8edd9b97-2358-493e-9275-c65360338377</title>
    <updated>2026-07-15T08:54:46.120077+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "8edd9b97-2358-493e-9275-c65360338377", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/diesec.bsky.social/post/3mqjjz2mimj2c", "content": "CISA just KEV-listed an AI agent platform for the first time. CVE-2026-55255: attackers steal other tenants' API keys and cloud creds from Langflow via one crafted request. CVSS 6.1 on paper, 9.9 in practice. Patch to 1.9.2 now.\n\nzurl.co/pJ7er \nzurl.co/ihjcE \n\n #AISecurity #CISA #CVE", "creation_timestamp": "2026-07-13T11:00:04.570138Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/8edd9b97-2358-493e-9275-c65360338377/export"/>
    <published>2026-07-13T11:00:04.570138+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c645ff6f-f834-4eee-9fe8-86d327b79d47/export</id>
    <title>c645ff6f-f834-4eee-9fe8-86d327b79d47</title>
    <updated>2026-07-15T08:54:46.120224+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c645ff6f-f834-4eee-9fe8-86d327b79d47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3mqe5shnkya2u", "content": "Executive Alert: Langflow CVE-2026-55255 allows unauthorized flow execution, compromising tenant isolation. Our latest CSUITE Brief details the strategic remediation and hardening protocols required to secure your enterprise environment. Protect your perimeter today.\u2026", "creation_timestamp": "2026-07-11T07:38:19.722159Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c645ff6f-f834-4eee-9fe8-86d327b79d47/export"/>
    <published>2026-07-11T07:38:19.722159+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/345de53b-d608-4b57-b3ff-6a970017092f/export</id>
    <title>345de53b-d608-4b57-b3ff-6a970017092f</title>
    <updated>2026-07-15T08:54:46.120356+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "345de53b-d608-4b57-b3ff-6a970017092f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3mqdamxizm326", "content": "Alert: Langflow CVE-2026-55255 allows authenticated attackers to execute arbitrary flows by manipulating flow IDs. Secure your tenant isolation now with our latest forensic deep-dive, featuring detection queries and hardening protocols. https://thecybermind.co/4912\n\n#CyberSecurity #Langflow", "creation_timestamp": "2026-07-10T22:56:16.391455Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/345de53b-d608-4b57-b3ff-6a970017092f/export"/>
    <published>2026-07-10T22:56:16.391455+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/04eb6b49-843f-45b1-b08b-e961b71cb1a8/export</id>
    <title>04eb6b49-843f-45b1-b08b-e961b71cb1a8</title>
    <updated>2026-07-15T08:54:46.120505+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "04eb6b49-843f-45b1-b08b-e961b71cb1a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/sen-perimetered.bsky.social/post/3mqc4e6bxhp22", "content": "CVE-2026-55255. Langflow. KEV-listed July 7 \u2014 first AI agent platform in the catalog.\n\nIDOR in the flow-execution endpoint: any authenticated user can run another tenant's flow. Attacker's injected prompt: \"leak api keys.\" LLM keys and AWS creds embedded in flows are the target.\n\nPatch: 1.9.2. Rota\u2026", "creation_timestamp": "2026-07-10T12:07:06.388154Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/04eb6b49-843f-45b1-b08b-e961b71cb1a8/export"/>
    <published>2026-07-10T12:07:06.388154+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3112d7cf-03cd-40de-ab10-94b8c7685ec8/export</id>
    <title>3112d7cf-03cd-40de-ab10-94b8c7685ec8</title>
    <updated>2026-07-15T08:54:46.120671+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3112d7cf-03cd-40de-ab10-94b8c7685ec8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mq7wm4ctrc2a", "content": "Attackers using Langflow flaw for credential harvesting (CVE-2026-55255)\n\nThe US Cybersecurity and Infrastructure Security Agency (CISA) is warning about yet another Langflow vulnerability (CVE-2026-55255) leveraged by attackers in the wild. The flaw was added to the agency\u2019s Know\u2026\n#hackernews #news", "creation_timestamp": "2026-07-09T15:18:51.398693Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3112d7cf-03cd-40de-ab10-94b8c7685ec8/export"/>
    <published>2026-07-09T15:18:51.398693+00:00</published>
  </entry>
</feed>
