<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-04T22:48:11.185846+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/672ee922-262d-454e-8f38-115399335b73/export</id>
    <title>672ee922-262d-454e-8f38-115399335b73</title>
    <updated>2026-07-04T22:48:11.203899+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "672ee922-262d-454e-8f38-115399335b73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8037", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mptamqs6262h", "content": "Every internet-facing Progress $PRGS Kemp LoadMaster is now a target. CVE-2026-8037, a CVSS 9.6 command-injection bug, lets an unauthenticated attacker run root commands on the load balancer. Working exploit code went public June 29, and eSentire is already logging exploitation attempts.", "creation_timestamp": "2026-07-04T14:13:33.547010Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/672ee922-262d-454e-8f38-115399335b73/export"/>
    <published>2026-07-04T14:13:33.547010+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b29b76e9-1285-49df-a870-29449f6ea60f/export</id>
    <title>b29b76e9-1285-49df-a870-29449f6ea60f</title>
    <updated>2026-07-04T22:48:11.206707+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b29b76e9-1285-49df-a870-29449f6ea60f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8037", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mps6iw3eyi2d", "content": "CVE-2026-8037: Unauthenticated RCE in Progress Kemp LoadMaster \u2013 Patch Now or Get Pwned +\u00a0Video\n\nIntroduction A critical security flaw in Progress Kemp LoadMaster, tracked as CVE-2026-8037, is currently being actively exploited in the wild. This vulnerability allows unauthenticated attackers to\u2026", "creation_timestamp": "2026-07-04T04:02:58.023816Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b29b76e9-1285-49df-a870-29449f6ea60f/export"/>
    <published>2026-07-04T04:02:58.023816+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/eb88d08c-3b7b-4a0d-b137-556b2fddb3ed/export</id>
    <title>eb88d08c-3b7b-4a0d-b137-556b2fddb3ed</title>
    <updated>2026-07-04T22:48:11.206896+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "eb88d08c-3b7b-4a0d-b137-556b2fddb3ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8037", "type": "seen", "source": "https://bsky.app/profile/lasenal.bsky.social/post/3mprvedjhj32c", "content": "Falla cr\u00edtica en Kemp LoadMaster: root sin clave.\n\nCVE-2026-8037 (severidad 9,8) deja a un atacante sin autenticar ejecutar comandos como root en el balanceador Kemp LoadMaster con una petici\u00f3n armada a su API. Ya hay parche.\n\nLeer en Progress\n\n#LaSe\u00f1alNews #Ciberseguridad #CyberSecurity", "creation_timestamp": "2026-07-04T01:19:20.180152Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/eb88d08c-3b7b-4a0d-b137-556b2fddb3ed/export"/>
    <published>2026-07-04T01:19:20.180152+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b3131cf7-be98-4065-8c7e-69925bd20637/export</id>
    <title>b3131cf7-be98-4065-8c7e-69925bd20637</title>
    <updated>2026-07-04T22:48:11.206973+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b3131cf7-be98-4065-8c7e-69925bd20637", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-8037", "type": "seen", "source": "https://infosec.exchange/ap/users/116769913619325742/statuses/116856800011935767", "content": "\ud83d\udd34 EXPLOITED\nProgress Kemp LoadMaster has an unauthenticated flaw (CVE-2026-8037) that runs commands as root through its management API.\nIt is now being exploited, and a public exploit is out.\nFix: update to GA 7.2.63.2 or LTSF 7.2.54.18, and take the API off the internet.\nhttps://suriq.io/blog/kemp-loadmaster-cve-2026-8037-exploited\n#CVE #Phishing #infosec #cybersecurity", "creation_timestamp": "2026-07-03T15:41:14.543263Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b3131cf7-be98-4065-8c7e-69925bd20637/export"/>
    <published>2026-07-03T15:41:14.543263+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/78c167ba-f674-4e80-bede-53471db7791e/export</id>
    <title>78c167ba-f674-4e80-bede-53471db7791e</title>
    <updated>2026-07-04T22:48:11.207053+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "78c167ba-f674-4e80-bede-53471db7791e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8037", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mpqv26uqz52x", "content": "\ud83d\udd34 EXPLOITED\n\nProgress Kemp LoadMaster has an unauthenticated flaw (CVE-2026-8037) that runs commands as root through its management API.\n\nIt is now being exploited, and a public exploit is out.\n\nFix: update to GA 7.2.63.2 or LTSF 7.2.54.18, and take the API off the internet.", "creation_timestamp": "2026-07-03T15:41:00.272797Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/78c167ba-f674-4e80-bede-53471db7791e/export"/>
    <published>2026-07-03T15:41:00.272797+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/9a0325fe-7e54-473f-9e88-86fdd28c831a/export</id>
    <title>9a0325fe-7e54-473f-9e88-86fdd28c831a</title>
    <updated>2026-07-04T22:48:11.207125+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "9a0325fe-7e54-473f-9e88-86fdd28c831a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8037", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-8037.yaml", "content": "", "creation_timestamp": "2026-07-03T00:00:03.485524Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/9a0325fe-7e54-473f-9e88-86fdd28c831a/export"/>
    <published>2026-07-03T00:00:03.485524+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b2978e55-2a71-47e1-bd16-406fbaed2b97/export</id>
    <title>b2978e55-2a71-47e1-bd16-406fbaed2b97</title>
    <updated>2026-07-04T22:48:11.207200+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b2978e55-2a71-47e1-bd16-406fbaed2b97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8037", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mpohx4nyjm26", "content": "Critical flaw in Progress Kemp LoadMaster (CVE-2026-8037) under active attack. Update now. #CyberSecurity #KempLoadMaster #CVE20268037 #NetworkSecurity #PatchNow #InfoSec thedailytechfeed.com/critical-vul...", "creation_timestamp": "2026-07-02T16:41:19.398781Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b2978e55-2a71-47e1-bd16-406fbaed2b97/export"/>
    <published>2026-07-02T16:41:19.398781+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/40e1ef68-6f28-4a48-9210-54d322878fed/export</id>
    <title>40e1ef68-6f28-4a48-9210-54d322878fed</title>
    <updated>2026-07-04T22:48:11.207269+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "40e1ef68-6f28-4a48-9210-54d322878fed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8037", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mpoeem2dmu22", "content": "4/ \u26a0\ufe0f Kemp LoadMaster CVE-2026-8037 (CVSS 9.6): pre-auth root command execution in a load balancer sitting at your network's front door. Under active attack since June 29.", "creation_timestamp": "2026-07-02T15:37:27.167421Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/40e1ef68-6f28-4a48-9210-54d322878fed/export"/>
    <published>2026-07-02T15:37:27.167421+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f7b48563-7af7-4271-88d2-33b2ddc6870c/export</id>
    <title>f7b48563-7af7-4271-88d2-33b2ddc6870c</title>
    <updated>2026-07-04T22:48:11.207338+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f7b48563-7af7-4271-88d2-33b2ddc6870c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8037", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mpoeem2cnm22", "content": "4/ \u26a0\ufe0f Kemp LoadMaster CVE-2026-8037 (CVSS 9.6): pre-auth root command execution in a load balancer sitting at your network's front door. Under active attack since June 29.", "creation_timestamp": "2026-07-02T15:37:26.319449Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f7b48563-7af7-4271-88d2-33b2ddc6870c/export"/>
    <published>2026-07-02T15:37:26.319449+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/0d0987e7-0bb0-4f4a-998f-33a1640353d0/export</id>
    <title>0d0987e7-0bb0-4f4a-998f-33a1640353d0</title>
    <updated>2026-07-04T22:48:11.207407+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "0d0987e7-0bb0-4f4a-998f-33a1640353d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8037", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mpoeem2ap422", "content": "4/ \u26a0\ufe0f Kemp LoadMaster CVE-2026-8037 (CVSS 9.6): pre-auth root command execution in a load balancer sitting at your network's front door. Under active attack since June 29.", "creation_timestamp": "2026-07-02T15:37:25.483670Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/0d0987e7-0bb0-4f4a-998f-33a1640353d0/export"/>
    <published>2026-07-02T15:37:25.483670+00:00</published>
  </entry>
</feed>
