<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-02T01:31:05.303312+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/db6568a2-beaa-4214-a73b-e9311e43fc65/export</id>
    <title>db6568a2-beaa-4214-a73b-e9311e43fc65</title>
    <updated>2026-07-02T01:31:05.326161+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "db6568a2-beaa-4214-a73b-e9311e43fc65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55792", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpmrqnddb72m", "content": "CVE-2026-55792 - Craft CMS: Sensitive File Disclosure / Server-Side File Read\nCVE ID : CVE-2026-55792\n \n Published : July 1, 2026, 11:20 p.m. | 26\u00a0minutes ago\n \n Description : Craft CMS is a content management system (CMS). In versions starting from 4.0.0-RC1 and prior to 4.18...", "creation_timestamp": "2026-07-02T00:31:18.979700Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/db6568a2-beaa-4214-a73b-e9311e43fc65/export"/>
    <published>2026-07-02T00:31:18.979700+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/99fe4b1e-e4ff-443e-b77a-09285c3094ca/export</id>
    <title>99fe4b1e-e4ff-443e-b77a-09285c3094ca</title>
    <updated>2026-07-02T01:31:05.328283+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "99fe4b1e-e4ff-443e-b77a-09285c3094ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55794", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpmr7z6ifr2m", "content": "CVE-2026-55794 - Craft CMS: Potential authenticated Remote Code Execution via referrer redirect\nCVE ID : CVE-2026-55794\n \n Published : July 1, 2026, 11:26 p.m. | 20\u00a0minutes ago\n \n Description : Craft CMS is a content management system (CMS). In versions 5.9.0 and above prior t...", "creation_timestamp": "2026-07-02T00:22:01.235267Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/99fe4b1e-e4ff-443e-b77a-09285c3094ca/export"/>
    <published>2026-07-02T00:22:01.235267+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/23f2dd3f-2895-48e9-ab58-ebabc1668641/export</id>
    <title>23f2dd3f-2895-48e9-ab58-ebabc1668641</title>
    <updated>2026-07-02T01:31:05.328432+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "23f2dd3f-2895-48e9-ab58-ebabc1668641", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55790", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpmqagvqrn2p", "content": "CVE-2026-55790 - Craft CMS: DOM XSS via GitHub issue title in CraftSupport widget\nCVE ID : CVE-2026-55790\n \n Published : July 1, 2026, 10:57 p.m. | 48\u00a0minutes ago\n \n Description : Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.22 and 4.0.0-RC...", "creation_timestamp": "2026-07-02T00:04:23.031145Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/23f2dd3f-2895-48e9-ab58-ebabc1668641/export"/>
    <published>2026-07-02T00:04:23.031145+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/61939138-27b0-4234-8da5-054700271747/export</id>
    <title>61939138-27b0-4234-8da5-054700271747</title>
    <updated>2026-07-02T01:31:05.328548+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "61939138-27b0-4234-8da5-054700271747", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55791", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpmpvmvzr52u", "content": "CVE-2026-55791 - Craft CMS: Blind SSRF and Arbitrary JavaScript Injection via Host Header Poisoning in actionResourceJs\nCVE ID : CVE-2026-55791\n \n Published : July 1, 2026, 11:13 p.m. | 32\u00a0minutes ago\n \n Description : Craft CMS is a content management system (CMS). Versions 4....", "creation_timestamp": "2026-07-01T23:58:19.318393Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/61939138-27b0-4234-8da5-054700271747/export"/>
    <published>2026-07-01T23:58:19.318393+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/77c97333-0a1e-4f30-ba52-ef60739a19b3/export</id>
    <title>77c97333-0a1e-4f30-ba52-ef60739a19b3</title>
    <updated>2026-07-02T01:31:05.328674+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "77c97333-0a1e-4f30-ba52-ef60739a19b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55795", "type": "published-proof-of-concept", "source": "https://github.com/craftcms/commerce/security/advisories/GHSA-h5gm-x9wr-vhcm", "content": "", "creation_timestamp": "2026-06-16T05:04:11.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/77c97333-0a1e-4f30-ba52-ef60739a19b3/export"/>
    <published>2026-06-16T05:04:11+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bacb6a8c-8a0e-4f4f-9860-f29a8d54a55a/export</id>
    <title>bacb6a8c-8a0e-4f4f-9860-f29a8d54a55a</title>
    <updated>2026-07-02T01:31:05.329709+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "bacb6a8c-8a0e-4f4f-9860-f29a8d54a55a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5579", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3miricpadg623", "content": "", "creation_timestamp": "2026-04-05T19:29:25.090451Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bacb6a8c-8a0e-4f4f-9860-f29a8d54a55a/export"/>
    <published>2026-04-05T19:29:25.090451+00:00</published>
  </entry>
</feed>
