<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-15T12:03:20.079399+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/4d611b22-94f3-47d2-8525-9e55c6faa453/export</id>
    <title>4d611b22-94f3-47d2-8525-9e55c6faa453</title>
    <updated>2026-07-15T12:03:20.113567+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "4d611b22-94f3-47d2-8525-9e55c6faa453", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-56451", "type": "seen", "source": "https://www.acn.gov.it/portale/w/aggiornamenti-per-prodotti-siemens-24", "content": "", "creation_timestamp": "2026-07-14T12:45:05.511195Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/4d611b22-94f3-47d2-8525-9e55c6faa453/export"/>
    <published>2026-07-14T12:45:05.511195+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/68a985c1-6513-4ae7-80d4-1d3152e75054/export</id>
    <title>68a985c1-6513-4ae7-80d4-1d3152e75054</title>
    <updated>2026-07-15T12:03:20.115935+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "68a985c1-6513-4ae7-80d4-1d3152e75054", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56451", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqm6neflbs27", "content": "CVE-2026-56451 - Opcenter X JWT Algorithm Confusion Vulnerability\nCVE ID : CVE-2026-56451\n \n Published : July 14, 2026, 10:16 a.m. | 1\u00a0hour, 14\u00a0minutes ago\n \n Description : A vulnerability has been identified in Opcenter X (All versions &amp;lt; V2604). Affected applications do no...", "creation_timestamp": "2026-07-14T12:14:40.359839Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/68a985c1-6513-4ae7-80d4-1d3152e75054/export"/>
    <published>2026-07-14T12:14:40.359839+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/8f01772f-3171-4b9c-9256-ef38698a683e/export</id>
    <title>8f01772f-3171-4b9c-9256-ef38698a683e</title>
    <updated>2026-07-15T12:03:20.117117+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "8f01772f-3171-4b9c-9256-ef38698a683e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56451", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqlzhuqjjp2r", "content": "CVE-2026-56451\nOpcenter X versions prior to V2604 do not properly check JWT headers. This allows an attacker to create fake user identities, potentially gaining full access to the application. Update to version V2604 or later\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-14T10:42:07.025237Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/8f01772f-3171-4b9c-9256-ef38698a683e/export"/>
    <published>2026-07-14T10:42:07.025237+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7d1bc98a-e477-4b4f-b8f1-9eef1e7f7bde/export</id>
    <title>7d1bc98a-e477-4b4f-b8f1-9eef1e7f7bde</title>
    <updated>2026-07-15T12:03:20.117245+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "7d1bc98a-e477-4b4f-b8f1-9eef1e7f7bde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56451", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqlyt42e3r2x", "content": "CVE-2026-56451: Siemens Opcenter X (&amp;lt;2604) has a CRITICAL flaw \u2014 attackers can forge JWTs and gain full access. Restrict exposure &amp;amp; monitor activity until a fix is released. https://radar.offseq.com/threat/cve-2026-56451-cwe-347-improper-verification-of-cr-44aef26a03e69f33 #OffSeq #CVE202656451 #...", "creation_timestamp": "2026-07-14T10:30:30.304798Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7d1bc98a-e477-4b4f-b8f1-9eef1e7f7bde/export"/>
    <published>2026-07-14T10:30:30.304798+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/0aae6f45-46b6-4697-8d3c-ee1584906508/export</id>
    <title>0aae6f45-46b6-4697-8d3c-ee1584906508</title>
    <updated>2026-07-15T12:03:20.117349+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "0aae6f45-46b6-4697-8d3c-ee1584906508", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56451", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116917864212446754", "content": "CVE-2026-56451 (CRITICAL, CVSS 10) in Siemens Opcenter X &amp;lt;2604: Improper JWT signature validation allows remote attackers to bypass authentication &amp;amp; impersonate users/admins. Restrict access &amp;amp; monitor while awaiting patch. https://radar.offseq.com/threat/cve-2026-56451-cwe-347-improper-verification-of-cr-44aef26a03e69f33 #OffSeq #CVE202656451 #infosec #Siemens", "creation_timestamp": "2026-07-14T10:30:28.392596Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/0aae6f45-46b6-4697-8d3c-ee1584906508/export"/>
    <published>2026-07-14T10:30:28.392596+00:00</published>
  </entry>
</feed>
