https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 11 Jun 2026 08:24:26 +0000 https://vulnerability.circl.lu/sighting/dd4001e6-c1cc-40b9-a54c-f973d24666e2/export {"uuid": "dd4001e6-c1cc-40b9-a54c-f973d24666e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/kubonai.bsky.social/post/3mmvsjfsess2s", "content": "Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign\n\nA large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980...\n\n\ud83d\udd17 https://ipsec.live/blog/2026-05-28-ghost-cms-sql-injection-flaw-exploited-in-largescale-clickfi\n\n#infosec #cybersecurity", "creation_timestamp": "2026-05-28T10:23:32.666604Z"} {"uuid": "dd4001e6-c1cc-40b9-a54c-f973d24666e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/kubonai.bsky.social/post/3mmvsjfsess2s", "content": "Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign\n\nA large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980...\n\n\ud83d\udd17 https://ipsec.live/blog/2026-05-28-ghost-cms-sql-injection-flaw-exploited-in-largescale-clickfi\n\n#infosec #cybersecurity", "creation_timestamp": "2026-05-28T10:23:32.666604Z"} https://vulnerability.circl.lu/sighting/dd4001e6-c1cc-40b9-a54c-f973d24666e2/export Thu, 28 May 2026 10:23:32 +0000 https://vulnerability.circl.lu/sighting/1d25efe0-6ada-450b-8d2b-a3b019105fac/export {"uuid": "1d25efe0-6ada-450b-8d2b-a3b019105fac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/diesec.bsky.social/post/3mmvukqtxhy2d", "content": "700+ sites hijacked via Ghost CMS CVE-2026-26980\n\nHarvard, Oxford among victims. Unauthenticated SQL injection extracts Admin API key in one request.\nEvery visitor now served ClickFix malware.\n\nPatch was released February 19.\n\n#CyberSecurity #ClickFix #PatchManagement", "creation_timestamp": "2026-05-28T11:00:06.087422Z"} {"uuid": "1d25efe0-6ada-450b-8d2b-a3b019105fac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/diesec.bsky.social/post/3mmvukqtxhy2d", "content": "700+ sites hijacked via Ghost CMS CVE-2026-26980\n\nHarvard, Oxford among victims. Unauthenticated SQL injection extracts Admin API key in one request.\nEvery visitor now served ClickFix malware.\n\nPatch was released February 19.\n\n#CyberSecurity #ClickFix #PatchManagement", "creation_timestamp": "2026-05-28T11:00:06.087422Z"} https://vulnerability.circl.lu/sighting/1d25efe0-6ada-450b-8d2b-a3b019105fac/export Thu, 28 May 2026 11:00:06 +0000 https://vulnerability.circl.lu/sighting/e464c793-3553-408b-a6cc-dc24eaa8afb9/export {"uuid": "e464c793-3553-408b-a6cc-dc24eaa8afb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mmxikgplyz2a", "content": "Top 3 CVE for last 7 days:\nCVE-2026-69: 19 interactions\nCVE-2026-26980: 17 interactions\nCVE-2026-46333: 17 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-35616: 10 interactions\nCVE-2026-25592: 7 interactions\nCVE-2026-26030: 7 interactions\n", "creation_timestamp": "2026-05-29T02:30:29.487851Z"} {"uuid": "e464c793-3553-408b-a6cc-dc24eaa8afb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mmxikgplyz2a", "content": "Top 3 CVE for last 7 days:\nCVE-2026-69: 19 interactions\nCVE-2026-26980: 17 interactions\nCVE-2026-46333: 17 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-35616: 10 interactions\nCVE-2026-25592: 7 interactions\nCVE-2026-26030: 7 interactions\n", "creation_timestamp": "2026-05-29T02:30:29.487851Z"} https://vulnerability.circl.lu/sighting/e464c793-3553-408b-a6cc-dc24eaa8afb9/export Fri, 29 May 2026 02:30:29 +0000 https://vulnerability.circl.lu/sighting/d93b3d91-a3a7-4d42-abff-edda51a8e573/export {"uuid": "d93b3d91-a3a7-4d42-abff-edda51a8e573", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mmzyyyywj42g", "content": "Top 3 CVE for last 7 days:\nCVE-2026-48095: 19 interactions\nCVE-2026-69: 19 interactions\nCVE-2026-26980: 16 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-31431: 6 interactions\nCVE-2026-48095: 6 interactions\nCVE-2026-39987: 4 interactions\n", "creation_timestamp": "2026-05-30T02:30:17.951386Z"} {"uuid": "d93b3d91-a3a7-4d42-abff-edda51a8e573", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mmzyyyywj42g", "content": "Top 3 CVE for last 7 days:\nCVE-2026-48095: 19 interactions\nCVE-2026-69: 19 interactions\nCVE-2026-26980: 16 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-31431: 6 interactions\nCVE-2026-48095: 6 interactions\nCVE-2026-39987: 4 interactions\n", "creation_timestamp": "2026-05-30T02:30:17.951386Z"} https://vulnerability.circl.lu/sighting/d93b3d91-a3a7-4d42-abff-edda51a8e573/export Sat, 30 May 2026 02:30:17 +0000 https://vulnerability.circl.lu/sighting/39285b7a-94be-4a7d-bdc3-675359386e17/export {"uuid": "39285b7a-94be-4a7d-bdc3-675359386e17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mn4jisrb4f2i", "content": "Top 3 CVE for last 7 days:\nCVE-2026-48095: 19 interactions\nCVE-2026-0257: 17 interactions\nCVE-2026-26980: 16 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-0257: 14 interactions\nCVE-2026-21852: 3 interactions\nCVE-2026-39987: 3 interactions\n", "creation_timestamp": "2026-05-31T02:30:47.869340Z"} {"uuid": "39285b7a-94be-4a7d-bdc3-675359386e17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mn4jisrb4f2i", "content": "Top 3 CVE for last 7 days:\nCVE-2026-48095: 19 interactions\nCVE-2026-0257: 17 interactions\nCVE-2026-26980: 16 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-0257: 14 interactions\nCVE-2026-21852: 3 interactions\nCVE-2026-39987: 3 interactions\n", "creation_timestamp": "2026-05-31T02:30:47.869340Z"} https://vulnerability.circl.lu/sighting/39285b7a-94be-4a7d-bdc3-675359386e17/export Sun, 31 May 2026 02:30:47 +0000 https://vulnerability.circl.lu/sighting/6e4f03bd-4ee5-432e-94cd-5cfc21c40a30/export {"uuid": "6e4f03bd-4ee5-432e-94cd-5cfc21c40a30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mn4xst44p22y", "content": "Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks\n\nthehackernews.com/2026/05/ghos...\n\n#Cybersecurity #ThreatIntel #Vulnerability", "creation_timestamp": "2026-05-31T06:46:57.057908Z"} {"uuid": "6e4f03bd-4ee5-432e-94cd-5cfc21c40a30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mn4xst44p22y", "content": "Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks\n\nthehackernews.com/2026/05/ghos...\n\n#Cybersecurity #ThreatIntel #Vulnerability", "creation_timestamp": "2026-05-31T06:46:57.057908Z"} https://vulnerability.circl.lu/sighting/6e4f03bd-4ee5-432e-94cd-5cfc21c40a30/export Sun, 31 May 2026 06:46:57 +0000 https://vulnerability.circl.lu/sighting/3f4fe2a2-fe34-44e7-b909-e81eebfcfbcf/export {"uuid": "3f4fe2a2-fe34-44e7-b909-e81eebfcfbcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mn7mf3efea2j", "content": "SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99\n\nA new vulnerability has landed and it deserves attention. CVE-2026-26980: SECURI\n\nhttps://securitycyber.uk\n\n\n\nTraining: https://www.hackthebox.com https://portswigger.net/web-security", "creation_timestamp": "2026-06-01T08:00:22.839606Z"} {"uuid": "3f4fe2a2-fe34-44e7-b909-e81eebfcfbcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mn7mf3efea2j", "content": "SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99\n\nA new vulnerability has landed and it deserves attention. CVE-2026-26980: SECURI\n\nhttps://securitycyber.uk\n\n\n\nTraining: https://www.hackthebox.com https://portswigger.net/web-security", "creation_timestamp": "2026-06-01T08:00:22.839606Z"} https://vulnerability.circl.lu/sighting/3f4fe2a2-fe34-44e7-b909-e81eebfcfbcf/export Mon, 01 Jun 2026 08:00:22 +0000 https://vulnerability.circl.lu/sighting/21c461e0-bd83-44db-9ddd-1ec188be6ea8/export {"uuid": "21c461e0-bd83-44db-9ddd-1ec188be6ea8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mna4zjcwxs2h", "content": "SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99\n\nSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks\u00a0\u00a0 Trap\u2026\n#hackernews #news", "creation_timestamp": "2026-06-01T12:58:08.402737Z"} {"uuid": "21c461e0-bd83-44db-9ddd-1ec188be6ea8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mna4zjcwxs2h", "content": "SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99\n\nSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks\u00a0\u00a0 Trap\u2026\n#hackernews #news", "creation_timestamp": "2026-06-01T12:58:08.402737Z"} https://vulnerability.circl.lu/sighting/21c461e0-bd83-44db-9ddd-1ec188be6ea8/export Mon, 01 Jun 2026 12:58:08 +0000 https://vulnerability.circl.lu/sighting/f09cca05-025c-458b-a343-22592711f33a/export {"uuid": "f09cca05-025c-458b-a343-22592711f33a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mnahfglczl2k", "content": "~Checkpoint~\nWeekly threat intel highlights major data breaches, AI-driven campaigns, and active exploitation of PAN-OS and Ghost CMS vulnerabilities.\n-\nIOCs: CVE-2026-0257, CVE-2026-26980, CVE-2026-48131\n-\n#DataBreach #ThreatIntel #Vulnerabilities", "creation_timestamp": "2026-06-01T16:03:46.490052Z"} {"uuid": "f09cca05-025c-458b-a343-22592711f33a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mnahfglczl2k", "content": "~Checkpoint~\nWeekly threat intel highlights major data breaches, AI-driven campaigns, and active exploitation of PAN-OS and Ghost CMS vulnerabilities.\n-\nIOCs: CVE-2026-0257, CVE-2026-26980, CVE-2026-48131\n-\n#DataBreach #ThreatIntel #Vulnerabilities", "creation_timestamp": "2026-06-01T16:03:46.490052Z"} https://vulnerability.circl.lu/sighting/f09cca05-025c-458b-a343-22592711f33a/export Mon, 01 Jun 2026 16:03:46 +0000 https://vulnerability.circl.lu/sighting/490a06a3-aa46-4e23-b8b9-8b464e2db68f/export {"uuid": "490a06a3-aa46-4e23-b8b9-8b464e2db68f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/infotransec.bsky.social/post/3mnpa5zkqr52i", "content": "CVE-2026-26980 SQL injection compromised 700+ Ghost CMS sites - attackers extracted admin API keys and planted malicious JavaScript. Three-month patch delay enabled mass exploitation.\n\ninfotransec.com/news/hard-co...\n\n#InfoSec #SQLInjection #WebSecurity #CyberAttack", "creation_timestamp": "2026-06-07T13:04:16.669366Z"} {"uuid": "490a06a3-aa46-4e23-b8b9-8b464e2db68f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/infotransec.bsky.social/post/3mnpa5zkqr52i", "content": "CVE-2026-26980 SQL injection compromised 700+ Ghost CMS sites - attackers extracted admin API keys and planted malicious JavaScript. Three-month patch delay enabled mass exploitation.\n\ninfotransec.com/news/hard-co...\n\n#InfoSec #SQLInjection #WebSecurity #CyberAttack", "creation_timestamp": "2026-06-07T13:04:16.669366Z"} https://vulnerability.circl.lu/sighting/490a06a3-aa46-4e23-b8b9-8b464e2db68f/export Sun, 07 Jun 2026 13:04:16 +0000