<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-11T09:40:49.049072+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/285b804f-da4b-427c-970f-68d748f9e0f1/export</id>
    <title>285b804f-da4b-427c-970f-68d748f9e0f1</title>
    <updated>2026-07-11T09:40:49.069291+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "285b804f-da4b-427c-970f-68d748f9e0f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6637", "type": "seen", "source": "https://bsky.app/profile/pgexperts.bsky.social/post/3mpoqnlvu3i2b", "content": "PostgreSQL's May 2026 release fixed 11 CVEs. One is CVE-2026-6637: a stack buffer overflow in the refint contrib module that lets an unprivileged user run code as the postgres OS user. CVSS 8.8.\n\nwww.postgresql.org/support/secu...\n\npgexperts.com\n\n#PostgreSQL #Postgres", "creation_timestamp": "2026-07-02T19:17:02.699353Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/285b804f-da4b-427c-970f-68d748f9e0f1/export"/>
    <published>2026-07-02T19:17:02.699353+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/720c27f3-a552-4b75-8d88-9de3848fe15e/export</id>
    <title>720c27f3-a552-4b75-8d88-9de3848fe15e</title>
    <updated>2026-07-11T09:40:49.070937+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "720c27f3-a552-4b75-8d88-9de3848fe15e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-6637", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0816", "content": "", "creation_timestamp": "2026-07-01T02:45:29.018586Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/720c27f3-a552-4b75-8d88-9de3848fe15e/export"/>
    <published>2026-07-01T02:45:29.018586+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/53add2c0-3d28-49f6-a9dc-9d121325a168/export</id>
    <title>53add2c0-3d28-49f6-a9dc-9d121325a168</title>
    <updated>2026-07-11T09:40:49.071799+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "53add2c0-3d28-49f6-a9dc-9d121325a168", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6637", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mpgkznxcc72u", "content": "\ud83d\udd17 CVE : CVE-2026-6473, CVE-2026-6475, CVE-2026-6477, CVE-2026-6637, CVE-2026-6638", "creation_timestamp": "2026-06-29T13:15:07.413420Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/53add2c0-3d28-49f6-a9dc-9d121325a168/export"/>
    <published>2026-06-29T13:15:07.413420+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f6fdfd4a-381d-4eff-ad8d-740986c99416/export</id>
    <title>f6fdfd4a-381d-4eff-ad8d-740986c99416</title>
    <updated>2026-07-11T09:40:49.071904+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f6fdfd4a-381d-4eff-ad8d-740986c99416", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6637", "type": "seen", "source": "https://bsky.app/profile/pgexperts.bsky.social/post/3mp7nu2t4de2c", "content": "Reminder that the 2026-05-14 PostgreSQL release fixed 11 CVEs. One was a stack buffer overflow in refint (CVE-2026-6637): arbitrary code execution as the postgres OS user, from a contrib module old enough to vote.\n\nRelease: www.postgresql.org/about/news/p...\n\npgexperts.com\n\n#PostgreSQL #postgres", "creation_timestamp": "2026-06-26T19:17:03.300661Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f6fdfd4a-381d-4eff-ad8d-740986c99416/export"/>
    <published>2026-06-26T19:17:03.300661+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/fbc09040-1cbe-433b-bcac-05429530703a/export</id>
    <title>fbc09040-1cbe-433b-bcac-05429530703a</title>
    <updated>2026-07-11T09:40:49.071990+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "fbc09040-1cbe-433b-bcac-05429530703a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6637", "type": "seen", "source": "https://bsky.app/profile/pgexperts.bsky.social/post/3mmrpfk7f2p2m", "content": "CVE-2026-6637: stack buffer overflow plus SQL injection in contrib/refint. CVSS 8.8. refint is a 1990s referential-integrity workaround that has been pointless since real foreign keys shipped. If it is loaded anywhere in your fleet, fix that today.\n\nwww.postgresql.org/support/secu...\n\npgexperts.com", "creation_timestamp": "2026-05-26T19:17:03.228661Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/fbc09040-1cbe-433b-bcac-05429530703a/export"/>
    <published>2026-05-26T19:17:03.228661+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/9baca6be-a018-46e3-9196-2a62258654c3/export</id>
    <title>9baca6be-a018-46e3-9196-2a62258654c3</title>
    <updated>2026-07-11T09:40:49.072074+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "9baca6be-a018-46e3-9196-2a62258654c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-6637", "type": "seen", "source": "https://bsky.app/profile/cyberowi.pl/post/3mmgpraivvo2y", "content": "\ud83d\udea8 CVE-2026-6637: Luka w PostgreSQL pozwala na wykonanie kodu\n\nWykryto 11 luk w PostgreSQL, w tym krytyczn\u0105 CVE-2026-6637. Umo\u017cliwia ona nieuprzywilejowanemu u\u017cytkownikowi bazy danych wykonanie\n\nhttps://cyberowi.pl/cve-2026-6637-luka-w-postgresql-pozwala-na-wykonanie-kodu/\n\n#cyberbezpieczenstwo", "creation_timestamp": "2026-05-22T10:24:18.397154Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/9baca6be-a018-46e3-9196-2a62258654c3/export"/>
    <published>2026-05-22T10:24:18.397154+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/2dd1b621-6d0e-4b09-aa83-4973304cdd6b/export</id>
    <title>2dd1b621-6d0e-4b09-aa83-4973304cdd6b</title>
    <updated>2026-07-11T09:40:49.072165+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "2dd1b621-6d0e-4b09-aa83-4973304cdd6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6637", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mm5g3ixq2d2p", "content": "\ud83d\udccc CVE-2026-6637 - Stack buffer overflow in PostgreSQL module \"refint\" allows an unprivileged database user to execute arbitrary code as the operating system user runnin... https://www.cyberhub.blog/cves/CVE-2026-6637", "creation_timestamp": "2026-05-18T17:37:08.075287Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/2dd1b621-6d0e-4b09-aa83-4973304cdd6b/export"/>
    <published>2026-05-18T17:37:08.075287+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ee7fd399-9ba1-405f-bac7-9782c7ae250e/export</id>
    <title>ee7fd399-9ba1-405f-bac7-9782c7ae250e</title>
    <updated>2026-07-11T09:40:49.072248+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "ee7fd399-9ba1-405f-bac7-9782c7ae250e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-6637", "type": "seen", "source": "https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-postgresql-1", "content": "", "creation_timestamp": "2026-05-18T06:01:20.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ee7fd399-9ba1-405f-bac7-9782c7ae250e/export"/>
    <published>2026-05-18T06:01:20+00:00</published>
  </entry>
</feed>
