<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-19T14:05:15.649088+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3db0453e-cac4-46ca-b3f1-e892175b132b/export</id>
    <title>3db0453e-cac4-46ca-b3f1-e892175b132b</title>
    <updated>2026-07-19T14:05:15.673885+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3db0453e-cac4-46ca-b3f1-e892175b132b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60005", "type": "seen", "source": "https://bsky.app/profile/bootintel.bsky.social/post/3mqtpeimxbh2z", "content": "nginx: CVE-2026-60005 [HIGH]\n\nNGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_slice_module module. When the slice directive and unnamed regex captures are configured or when a background cache update happens, unauthenticated a\u2026\n\nnvd.nist.gov/vuln/detail/CVE-2026-60005", "creation_timestamp": "2026-07-17T12:02:33.783562Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3db0453e-cac4-46ca-b3f1-e892175b132b/export"/>
    <published>2026-07-17T12:02:33.783562+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b947ddfd-b2c1-4d5e-b074-6fab9b0b289a/export</id>
    <title>b947ddfd-b2c1-4d5e-b074-6fab9b0b289a</title>
    <updated>2026-07-19T14:05:15.677672+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b947ddfd-b2c1-4d5e-b074-6fab9b0b289a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60005", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mqrc4ik4ie2t", "content": "\ud83d\udd17 CVE : CVE-2026-42533, CVE-2026-46333, CVE-2026-52865, CVE-2026-55723, CVE-2026-56434, CVE-2026-59762, CVE-2026-60005, CVE-2026-60062, CVE-2026-60065", "creation_timestamp": "2026-07-16T13:00:07.588072Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b947ddfd-b2c1-4d5e-b074-6fab9b0b289a/export"/>
    <published>2026-07-16T13:00:07.588072+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/11929fb9-df0b-4957-9b18-29063dc7f79f/export</id>
    <title>11929fb9-df0b-4957-9b18-29063dc7f79f</title>
    <updated>2026-07-19T14:05:15.677816+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "11929fb9-df0b-4957-9b18-29063dc7f79f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60005", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mqq5jnrowx2a", "content": "F5 patched the NGINX code execution flaw CVE-2026-42533, along with CVE-2026-60005 and CVE-2026-56434. Update NGINX Plus and Open Source builds now.\n\n#NGINX #CVE202642533 #CodeExecution #F5 #Vulnerability", "creation_timestamp": "2026-07-16T02:05:21.344898Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/11929fb9-df0b-4957-9b18-29063dc7f79f/export"/>
    <published>2026-07-16T02:05:21.344898+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/89688195-ab99-4b9f-9020-ad2dfca12680/export</id>
    <title>89688195-ab99-4b9f-9020-ad2dfca12680</title>
    <updated>2026-07-19T14:05:15.677924+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "89688195-ab99-4b9f-9020-ad2dfca12680", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60005", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqp73k3zia2r", "content": "\ud83d\udfe0 CVE-2026-60005 - High (8.2)\n\nNGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_slice_module module. When t...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-60005/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-15T17:00:35.053332Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/89688195-ab99-4b9f-9020-ad2dfca12680/export"/>
    <published>2026-07-15T17:00:35.053332+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/89e2b516-1b0b-4abe-9de5-76ab65cbcd38/export</id>
    <title>89e2b516-1b0b-4abe-9de5-76ab65cbcd38</title>
    <updated>2026-07-19T14:05:15.678026+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "89e2b516-1b0b-4abe-9de5-76ab65cbcd38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60001", "type": "seen", "source": "https://bsky.app/profile/bootintel.bsky.social/post/3mqe75dswgl2g", "content": "OpenSSH: CVE-2026-60001 [MEDIUM]\n\nsshd in OpenSSH before 10.4 does not always honor the minimum authentication delay.\n\nnvd.nist.gov/vuln/detail/CVE-2026-60001", "creation_timestamp": "2026-07-11T08:02:17.968108Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/89e2b516-1b0b-4abe-9de5-76ab65cbcd38/export"/>
    <published>2026-07-11T08:02:17.968108+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/2b29f0f2-0245-4545-8abf-c2cb61292e7b/export</id>
    <title>2b29f0f2-0245-4545-8abf-c2cb61292e7b</title>
    <updated>2026-07-19T14:05:15.678128+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "2b29f0f2-0245-4545-8abf-c2cb61292e7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60002", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqa5pmucgx2f", "content": "CVE-2026-60002 - openssh\nOpenSSH servers before version 10.4 can crash connected clients if their host key is changed during a secure connection. This could potentially be exploited by an attacker, but only\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#openssh #openbsd #CVE #infosec", "creation_timestamp": "2026-07-09T17:26:05.996007Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/2b29f0f2-0245-4545-8abf-c2cb61292e7b/export"/>
    <published>2026-07-09T17:26:05.996007+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e8b75658-00bb-4c61-b246-d1112d06f3aa/export</id>
    <title>e8b75658-00bb-4c61-b246-d1112d06f3aa</title>
    <updated>2026-07-19T14:05:15.678228+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e8b75658-00bb-4c61-b246-d1112d06f3aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60002", "type": "seen", "source": "https://bsky.app/profile/bootintel.bsky.social/post/3mq5vxbd2pv2h", "content": "HIGH severity CVE just published in OpenSSH:\n\nCVE-2026-60002. ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. (This outcome occurs only on the client side.)\n\nnvd.nist.gov/vuln/detail/CVE-2026-60002", "creation_timestamp": "2026-07-08T20:01:52.673741Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e8b75658-00bb-4c61-b246-d1112d06f3aa/export"/>
    <published>2026-07-08T20:01:52.673741+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c22b88af-cb54-4a1b-b5af-a484c13ecdf4/export</id>
    <title>c22b88af-cb54-4a1b-b5af-a484c13ecdf4</title>
    <updated>2026-07-19T14:05:15.678322+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c22b88af-cb54-4a1b-b5af-a484c13ecdf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60002", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mq5fzlonys2r", "content": "OpenSSH 10.4 ships eight security fixes, including a client use-after-free (CVE-2026-60002) plus SFTP and SCP path bugs. Update now.\n\n#OpenSSH #SSH #UseAfterFree #CVE #InfoSec #CyberSecurity", "creation_timestamp": "2026-07-08T15:16:50.333059Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c22b88af-cb54-4a1b-b5af-a484c13ecdf4/export"/>
    <published>2026-07-08T15:16:50.333059+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/61399bb4-c163-45e7-a9e8-d93d572e1664/export</id>
    <title>61399bb4-c163-45e7-a9e8-d93d572e1664</title>
    <updated>2026-07-19T14:05:15.678420+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "61399bb4-c163-45e7-a9e8-d93d572e1664", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60001", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq4butxpqx2z", "content": "CVE-2026-60001 - OpenSSH Authentication Delay Bypass\nCVE ID : CVE-2026-60001\n \n Published : July 8, 2026, 1:16 a.m. | 2\u00a0hours, 32\u00a0minutes ago\n \n Description : sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay.\n \n Severity: 6.5 | MEDIUM\n \n Visit...", "creation_timestamp": "2026-07-08T04:29:56.202228Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/61399bb4-c163-45e7-a9e8-d93d572e1664/export"/>
    <published>2026-07-08T04:29:56.202228+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/239636c3-a2c3-48ef-9089-ae371083fc10/export</id>
    <title>239636c3-a2c3-48ef-9089-ae371083fc10</title>
    <updated>2026-07-19T14:05:15.678516+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "239636c3-a2c3-48ef-9089-ae371083fc10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60002", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq4azymnyu25", "content": "CVE-2026-60002 - OpenSSH Client Use-After-Free Vulnerability\nCVE ID : CVE-2026-60002\n \n Published : July 8, 2026, 1:16 a.m. | 2\u00a0hours, 32\u00a0minutes ago\n \n Description : ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchan...", "creation_timestamp": "2026-07-08T04:14:58.120085Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/239636c3-a2c3-48ef-9089-ae371083fc10/export"/>
    <published>2026-07-08T04:14:58.120085+00:00</published>
  </entry>
</feed>
