<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-17T06:43:31.023988+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a2339ff3-7835-4c4a-87e2-343b8f6b70e7/export</id>
    <title>a2339ff3-7835-4c4a-87e2-343b8f6b70e7</title>
    <updated>2026-07-17T06:43:31.038213+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a2339ff3-7835-4c4a-87e2-343b8f6b70e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56241", "type": "seen", "source": "https://bsky.app/profile/khesefxyz.bsky.social/post/3mqqs5caybm2y", "content": "\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e7\u05e9\u05d4 \u05d1-Capgo: CVE-2026-56241 \u05de\u05d0\u05e4\u05e9\u05e8\u05ea \u05e2\u05dc\u05d9\u05d9\u05d4 \u05d1\u05e8\u05de\u05ea \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea\n\n\n\nhttps://khesef.xyz/posts/51906593-79B4-4CA3-A11B-D3D10EDBD61C", "creation_timestamp": "2026-07-16T08:14:14.253312Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a2339ff3-7835-4c4a-87e2-343b8f6b70e7/export"/>
    <published>2026-07-16T08:14:14.253312+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3582f26c-ef3d-438e-ad78-ab8eb420e142/export</id>
    <title>3582f26c-ef3d-438e-ad78-ab8eb420e142</title>
    <updated>2026-07-17T06:43:31.039983+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3582f26c-ef3d-438e-ad78-ab8eb420e142", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56241", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqkxburgac2d", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-56241 \u0432 Capgo: \u0443\u0433\u0440\u043e\u0437\u0430 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/F433D381-0CBE-42A6-9590-A17658226070", "creation_timestamp": "2026-07-14T00:30:18.134536Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3582f26c-ef3d-438e-ad78-ab8eb420e142/export"/>
    <published>2026-07-14T00:30:18.134536+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c2603c79-0ec8-48ac-aafc-c2105ad801af/export</id>
    <title>c2603c79-0ec8-48ac-aafc-c2105ad801af</title>
    <updated>2026-07-17T06:43:31.040141+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c2603c79-0ec8-48ac-aafc-c2105ad801af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56241", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqhdofiaa42l", "content": "\ud83d\udfe0 CVE-2026-56241 - High (8.3)\n\nCapgo before 12.128.2 contains a privilege escalation vulnerability where demoted super_admin use...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-56241/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-12T14:01:25.183100Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c2603c79-0ec8-48ac-aafc-c2105ad801af/export"/>
    <published>2026-07-12T14:01:25.183100+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3af7c7cf-29b0-4a93-937b-9ab18bb9abaf/export</id>
    <title>3af7c7cf-29b0-4a93-937b-9ab18bb9abaf</title>
    <updated>2026-07-17T06:43:31.040267+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3af7c7cf-29b0-4a93-937b-9ab18bb9abaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56241", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqh7l7ob2b26", "content": "CVE-2026-56241 - Capgo - RBAC Demotion Privilege Retention via Stale org_users.user_right\nCVE ID : CVE-2026-56241\n \n Published : July 12, 2026, 12:16 p.m. | 16\u00a0minutes ago\n \n Description : Capgo before 12.128.2 contains a privilege escalation vulnerability where demoted super_...", "creation_timestamp": "2026-07-12T12:48:04.879667Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3af7c7cf-29b0-4a93-937b-9ab18bb9abaf/export"/>
    <published>2026-07-12T12:48:04.879667+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/0c1a7d2b-6f27-404e-b7ac-369ba511edf1/export</id>
    <title>0c1a7d2b-6f27-404e-b7ac-369ba511edf1</title>
    <updated>2026-07-17T06:43:31.040382+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "0c1a7d2b-6f27-404e-b7ac-369ba511edf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56241", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqh6wgwogn2i", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-56241 \u0432 Capgo: \u0443\u0433\u0440\u043e\u0437\u0430 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/A89EE528-F7EE-488E-BEF3-AC526D96C3C7", "creation_timestamp": "2026-07-12T12:36:25.614298Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/0c1a7d2b-6f27-404e-b7ac-369ba511edf1/export"/>
    <published>2026-07-12T12:36:25.614298+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/eeb41071-761b-4f4d-adee-7dbde8baeba8/export</id>
    <title>eeb41071-761b-4f4d-adee-7dbde8baeba8</title>
    <updated>2026-07-17T06:43:31.040500+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "eeb41071-761b-4f4d-adee-7dbde8baeba8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56240", "type": "seen", "source": "https://bsky.app/profile/cybersecinsight.bsky.social/post/3mqh3qwdo2326", "content": "\ud83d\udd0d Vulnerability Spotlight | Part 2/3\n\n\u26a0\ufe0f CVE-2026-56240\n\nCapgo before 12.128.12 contains a billing authorization bypass vulnerability in the plan_valid calculation that allows organizations with exhausted...", "creation_timestamp": "2026-07-12T11:39:49.501483Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/eeb41071-761b-4f4d-adee-7dbde8baeba8/export"/>
    <published>2026-07-12T11:39:49.501483+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/34970fc4-7709-4f26-8779-c5ce07a0a04d/export</id>
    <title>34970fc4-7709-4f26-8779-c5ce07a0a04d</title>
    <updated>2026-07-17T06:43:31.040623+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "34970fc4-7709-4f26-8779-c5ce07a0a04d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56240", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqeve5iuvl2x", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-56240 \u0432 Capgo: \u0443\u0433\u0440\u043e\u0437\u0430 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 \u0431\u0438\u043b\u043b\u0438\u043d\u0433\u0430\n\n\n\nhttps://kripta.biz/posts/C0EC03EB-D732-472A-8D7C-BB2D75D3C794", "creation_timestamp": "2026-07-11T14:39:48.647038Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/34970fc4-7709-4f26-8779-c5ce07a0a04d/export"/>
    <published>2026-07-11T14:39:48.647038+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/8547a0c6-d9ad-4b4b-8eab-f5f1aa62f530/export</id>
    <title>8547a0c6-d9ad-4b4b-8eab-f5f1aa62f530</title>
    <updated>2026-07-17T06:43:31.040733+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "8547a0c6-d9ad-4b4b-8eab-f5f1aa62f530", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56247", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpkj7o4hmo2k", "content": "CVE-2026-56247 - Capgo - Privilege Escalation via Cross-Scope RBAC Role Assignment\nCVE ID : CVE-2026-56247\n \n Published : June 30, 2026, 10:08 p.m. | 3\u00a0hours, 4\u00a0minutes ago\n \n Description : Capgo before 12.128.2 allows org admins to assign org-scoped RBAC roles at app scope wi...", "creation_timestamp": "2026-07-01T02:53:20.192796Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/8547a0c6-d9ad-4b4b-8eab-f5f1aa62f530/export"/>
    <published>2026-07-01T02:53:20.192796+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/1e39f7fc-cfa1-4f59-baeb-d839e9f1aaf4/export</id>
    <title>1e39f7fc-cfa1-4f59-baeb-d839e9f1aaf4</title>
    <updated>2026-07-17T06:43:31.040844+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "1e39f7fc-cfa1-4f59-baeb-d839e9f1aaf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56245", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp235bvzp62x", "content": "CVE-2026-56245 - Supabase Capgo - Unauthenticated Cross-Tenant Build-Time Accounting Poisoning via record_build_time RPC\nCVE ID : CVE-2026-56245\n \n Published : June 24, 2026, 11:53 a.m. | 1\u00a0hour, 17\u00a0minutes ago\n \n Description : Supabase Capgo before 12.128.2 contains an author...", "creation_timestamp": "2026-06-24T13:58:52.125176Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/1e39f7fc-cfa1-4f59-baeb-d839e9f1aaf4/export"/>
    <published>2026-06-24T13:58:52.125176+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/106d215f-5aa2-4d56-935f-450b4fa88311/export</id>
    <title>106d215f-5aa2-4d56-935f-450b4fa88311</title>
    <updated>2026-07-17T06:43:31.040956+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "106d215f-5aa2-4d56-935f-450b4fa88311", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56248", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moxmjserwm2r", "content": "CVE-2026-56248 - Capgo - Unauthenticated Denial-of-Service via audit_logs RLS Policy\nCVE ID : CVE-2026-56248\n \n Published : 23 juin 2026 12:12 | 1\u00a0heure, 30\u00a0minutes ago\n \n Description : Cap-go capgo (capgo-backend) before 12.128.12 contains an unauthenticated denial-of-service...", "creation_timestamp": "2026-06-23T14:32:22.731767Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/106d215f-5aa2-4d56-935f-450b4fa88311/export"/>
    <published>2026-06-23T14:32:22.731767+00:00</published>
  </entry>
</feed>
