https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 18 Jun 2026 17:45:45 +0000 https://vulnerability.circl.lu/sighting/d8db5e0e-8644-4475-b7e6-8c29c2915844/export {"uuid": "d8db5e0e-8644-4475-b7e6-8c29c2915844", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33590", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwydw5s2c2n", "content": "CVE-2026-33590 - Insecure default permissions in Portainer CE\nCVE ID : CVE-2026-33590\n \n Published : May 28, 2026, 8:16 p.m. | 15\u00a0minutes ago\n \n Description : Insecure default settings of Portainer CE grant regular (non-admin) users privileges that allow host filesystem access...", "creation_timestamp": "2026-05-28T21:40:30.883093Z"} {"uuid": "d8db5e0e-8644-4475-b7e6-8c29c2915844", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33590", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwydw5s2c2n", "content": "CVE-2026-33590 - Insecure default permissions in Portainer CE\nCVE ID : CVE-2026-33590\n \n Published : May 28, 2026, 8:16 p.m. | 15\u00a0minutes ago\n \n Description : Insecure default settings of Portainer CE grant regular (non-admin) users privileges that allow host filesystem access...", "creation_timestamp": "2026-05-28T21:40:30.883093Z"} https://vulnerability.circl.lu/sighting/d8db5e0e-8644-4475-b7e6-8c29c2915844/export Thu, 28 May 2026 21:40:30 +0000 https://vulnerability.circl.lu/sighting/16562ade-e5f4-4678-8ff2-ccd4c5d0501b/export {"uuid": "16562ade-e5f4-4678-8ff2-ccd4c5d0501b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33590", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mo3rd3yvp72n", "content": "CVE-2026-33590: Insecure default settings of Portainer", "creation_timestamp": "2026-06-12T12:43:17.535729Z"} {"uuid": "16562ade-e5f4-4678-8ff2-ccd4c5d0501b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33590", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mo3rd3yvp72n", "content": "CVE-2026-33590: Insecure default settings of Portainer", "creation_timestamp": "2026-06-12T12:43:17.535729Z"} https://vulnerability.circl.lu/sighting/16562ade-e5f4-4678-8ff2-ccd4c5d0501b/export Fri, 12 Jun 2026 12:43:17 +0000 https://vulnerability.circl.lu/sighting/c882dcd2-1cf7-4fdf-90a9-fd39b5dcc974/export {"uuid": "c882dcd2-1cf7-4fdf-90a9-fd39b5dcc974", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33590", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3moel7rztfz2x", "content": "Portainer versions before 2.38.0 allowed bind mounts and privileged mode on user containers by default, letting an authenticated non-admin escalate to root-equivalent host access (CVE-2026-33590). Fixes are in 2.38.0 STS and 2.39.0 LTS. Should privileged mode ever default to on?\n#containers", "creation_timestamp": "2026-06-16T00:48:01.853589Z"} {"uuid": "c882dcd2-1cf7-4fdf-90a9-fd39b5dcc974", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33590", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3moel7rztfz2x", "content": "Portainer versions before 2.38.0 allowed bind mounts and privileged mode on user containers by default, letting an authenticated non-admin escalate to root-equivalent host access (CVE-2026-33590). Fixes are in 2.38.0 STS and 2.39.0 LTS. Should privileged mode ever default to on?\n#containers", "creation_timestamp": "2026-06-16T00:48:01.853589Z"} https://vulnerability.circl.lu/sighting/c882dcd2-1cf7-4fdf-90a9-fd39b5dcc974/export Tue, 16 Jun 2026 00:48:01 +0000 https://vulnerability.circl.lu/sighting/aa014640-b30e-4367-acb8-3790ff3dc404/export {"uuid": "aa014640-b30e-4367-acb8-3790ff3dc404", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33590", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3moeo4rr6a32c", "content": "The Portainer host-takeover flaw (CVE-2026-33590) hits anyone running a shared instance: any authenticated non-admin from before 2.38.0 could reach root-equivalent host access through default-allowed bind mounts and privileged mode. Upgrade now. Who has non-admin logins on your setup?\n#security", "creation_timestamp": "2026-06-16T01:40:01.950018Z"} {"uuid": "aa014640-b30e-4367-acb8-3790ff3dc404", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33590", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3moeo4rr6a32c", "content": "The Portainer host-takeover flaw (CVE-2026-33590) hits anyone running a shared instance: any authenticated non-admin from before 2.38.0 could reach root-equivalent host access through default-allowed bind mounts and privileged mode. Upgrade now. Who has non-admin logins on your setup?\n#security", "creation_timestamp": "2026-06-16T01:40:01.950018Z"} https://vulnerability.circl.lu/sighting/aa014640-b30e-4367-acb8-3790ff3dc404/export Tue, 16 Jun 2026 01:40:01 +0000