<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-17T23:42:34.747917+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f5503e06-4be8-49a2-b60d-c484c43aab55/export</id>
    <title>f5503e06-4be8-49a2-b60d-c484c43aab55</title>
    <updated>2026-07-17T23:42:34.771403+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f5503e06-4be8-49a2-b60d-c484c43aab55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-62187", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqovfe5as62u", "content": "\ud83d\udccc CVE-2026-62187 - OpenClaw Feishu tools (npm package @openclaw/feishu) in versions &amp;lt;= 2026.6.6 could ignore per-account disablement. A lower-trust caller or a configure... https://www.cyberhub.blog/cves/CVE-2026-62187", "creation_timestamp": "2026-07-15T14:07:06.567428Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f5503e06-4be8-49a2-b60d-c484c43aab55/export"/>
    <published>2026-07-15T14:07:06.567428+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f2e12217-6aed-4e56-bb9d-55f56623b341/export</id>
    <title>f2e12217-6aed-4e56-bb9d-55f56623b341</title>
    <updated>2026-07-17T23:42:34.774446+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f2e12217-6aed-4e56-bb9d-55f56623b341", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-62186", "type": "seen", "source": "https://mastodon.social/users/hugovalters/statuses/116918699311489381", "content": "CVE-2026-62186 - Authorization bypass in Openclaw before 2026.6.8. Lower-trust callers can exploit HTTP model overrides to bypass admin controls. CVSS 7.6. No patch yet. Harden your input validation and access controls immediately. #CVE #infosec #Openclaw\nhttps://www.valtersit.com/cve/CVE-2026-62186/", "creation_timestamp": "2026-07-14T14:02:51.138633Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f2e12217-6aed-4e56-bb9d-55f56623b341/export"/>
    <published>2026-07-14T14:02:51.138633+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f1c0d13f-7a61-48af-9363-c1f26889b552/export</id>
    <title>f1c0d13f-7a61-48af-9363-c1f26889b552</title>
    <updated>2026-07-17T23:42:34.774543+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f1c0d13f-7a61-48af-9363-c1f26889b552", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-62186", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mqmeoeeuin2e", "content": "CVE-2026-62186 - Authorization bypass in Openclaw before 2026.6.8. Lower-trust callers can exploit HTTP model overrides to bypass admin controls. CVSS 7.6. No patch yet. Harden your input validation and access controls immediately. #CVE #in...\n\nhttps://www.valtersit.com/cve/CVE-2026-62186/", "creation_timestamp": "2026-07-14T14:02:35.651788Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f1c0d13f-7a61-48af-9363-c1f26889b552/export"/>
    <published>2026-07-14T14:02:35.651788+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/0c7f9c3d-da76-49c4-b74d-0251ac20654f/export</id>
    <title>0c7f9c3d-da76-49c4-b74d-0251ac20654f</title>
    <updated>2026-07-17T23:42:34.774622+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "0c7f9c3d-da76-49c4-b74d-0251ac20654f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-62187", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mqm5ydioea2n", "content": "CVE-2026-62187 - Privilege Escalation in Openclaw Feishu tools. Bypasses per-account disablement allowing unauthorized actions. CVSS 8.1. Update to v2026.6.9 immediately. #CVE #Openclaw #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-62187/", "creation_timestamp": "2026-07-14T12:03:09.540799Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/0c7f9c3d-da76-49c4-b74d-0251ac20654f/export"/>
    <published>2026-07-14T12:03:09.540799+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/9871b896-3943-41ec-84a9-9b46774c897c/export</id>
    <title>9871b896-3943-41ec-84a9-9b46774c897c</title>
    <updated>2026-07-17T23:42:34.774695+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "9871b896-3943-41ec-84a9-9b46774c897c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-62187", "type": "seen", "source": "https://mastodon.social/users/hugovalters/statuses/116918228655494378", "content": "CVE-2026-62187 - Privilege Escalation in Openclaw Feishu tools. Bypasses per-account disablement allowing unauthorized actions. CVSS 8.1. Update to v2026.6.9 immediately. #CVE #Openclaw #infosec\nhttps://www.valtersit.com/cve/CVE-2026-62187/", "creation_timestamp": "2026-07-14T12:03:09.511555Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/9871b896-3943-41ec-84a9-9b46774c897c/export"/>
    <published>2026-07-14T12:03:09.511555+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/8fbde5ba-f781-4f46-924f-af57cfbec791/export</id>
    <title>8fbde5ba-f781-4f46-924f-af57cfbec791</title>
    <updated>2026-07-17T23:42:34.774763+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "8fbde5ba-f781-4f46-924f-af57cfbec791", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-62188", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqktx6xbvt27", "content": "CVE-2026-62188 - OpenClaw\nCVE ID : CVE-2026-62188\n \n Published : July 13, 2026, 9:30 p.m. | 22\u00a0minutes ago\n \n Description : OpenClaw @openclaw/feishu versions 2026.6.6 and earlier contain an incorrect authorization vulnerability in which the Feishu permission tools could ignor...", "creation_timestamp": "2026-07-13T23:30:38.695885Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/8fbde5ba-f781-4f46-924f-af57cfbec791/export"/>
    <published>2026-07-13T23:30:38.695885+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ca7138fd-85f8-4757-a992-de4cb27b90d3/export</id>
    <title>ca7138fd-85f8-4757-a992-de4cb27b90d3</title>
    <updated>2026-07-17T23:42:34.774832+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ca7138fd-85f8-4757-a992-de4cb27b90d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-62184", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqkrur56ci2g", "content": "CVE-2026-62184 - luci-app-banip Log Monitor IP Extraction Bypass\nCVE ID : CVE-2026-62184\n \n Published : July 13, 2026, 9:30 p.m. | 22\u00a0minutes ago\n \n Description : luci-app-banip contains a log parsing vulnerability where the awk-based parser extracts the first IPv4 address fro...", "creation_timestamp": "2026-07-13T22:53:29.410287Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ca7138fd-85f8-4757-a992-de4cb27b90d3/export"/>
    <published>2026-07-13T22:53:29.410287+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/af4e5e7e-16ac-4670-89ce-79c8042cef65/export</id>
    <title>af4e5e7e-16ac-4670-89ce-79c8042cef65</title>
    <updated>2026-07-17T23:42:34.774898+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "af4e5e7e-16ac-4670-89ce-79c8042cef65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-62187", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqkrm5eao22k", "content": "CVE-2026-62187 - OpenClaw\nCVE ID : CVE-2026-62187\n \n Published : July 13, 2026, 9:30 p.m. | 22\u00a0minutes ago\n \n Description : OpenClaw Feishu tools (npm package @openclaw/feishu) in versions &amp;lt;= 2026.6.6 could ignore per-account disablement. A lower-trust caller or a configure...", "creation_timestamp": "2026-07-13T22:48:40.479968Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/af4e5e7e-16ac-4670-89ce-79c8042cef65/export"/>
    <published>2026-07-13T22:48:40.479968+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/82ffd940-1c0e-4787-933e-33d36e8e9b6a/export</id>
    <title>82ffd940-1c0e-4787-933e-33d36e8e9b6a</title>
    <updated>2026-07-17T23:42:34.774965+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "82ffd940-1c0e-4787-933e-33d36e8e9b6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-62185", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqkrepm4uj2g", "content": "CVE-2026-62185 - Argo CD Helm Chart\nCVE ID : CVE-2026-62185\n \n Published : July 13, 2026, 9:31 p.m. | 20\u00a0minutes ago\n \n Description : Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Ar...", "creation_timestamp": "2026-07-13T22:44:31.066595Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/82ffd940-1c0e-4787-933e-33d36e8e9b6a/export"/>
    <published>2026-07-13T22:44:31.066595+00:00</published>
  </entry>
</feed>
