Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 22 Jun 2026 15:36:15 +0000 33eb24c3-05fe-4eb3-a086-8ae8665d352e https://vulnerability.circl.lu/sighting/33eb24c3-05fe-4eb3-a086-8ae8665d352e/export {"uuid": "33eb24c3-05fe-4eb3-a086-8ae8665d352e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4020", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3moqd2hn7lb2a", "content": "A 'medium' CVSS told you to skip this one.\n\nIt is dumping live Amazon SES and OAuth keys to anyone who asks, on 100,000 WordPress sites.\n\nPatching does not take the leaked keys back. Rotate them. (CVE-2026-4020)", "creation_timestamp": "2026-06-20T16:53:50.373798Z"} {"uuid": "33eb24c3-05fe-4eb3-a086-8ae8665d352e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4020", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3moqd2hn7lb2a", "content": "A 'medium' CVSS told you to skip this one.\n\nIt is dumping live Amazon SES and OAuth keys to anyone who asks, on 100,000 WordPress sites.\n\nPatching does not take the leaked keys back. Rotate them. (CVE-2026-4020)", "creation_timestamp": "2026-06-20T16:53:50.373798Z"} https://vulnerability.circl.lu/sighting/33eb24c3-05fe-4eb3-a086-8ae8665d352e/export Sat, 20 Jun 2026 16:53:50 +0000 a148d051-c343-4b53-8256-05da3671f23f https://vulnerability.circl.lu/sighting/a148d051-c343-4b53-8256-05da3671f23f/export {"uuid": "a148d051-c343-4b53-8256-05da3671f23f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4020", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3moqmnb5soe2u", "content": "Hackers are exploiting CVE-2026-4020 in Gravity SMTP, a WordPress plugin on 100,000 sites, to expose API keys, secrets, and OAuth tokens via a REST endpoint. #GravitySMTP #CVE20264020 #Wordfence", "creation_timestamp": "2026-06-20T19:45:52.553522Z"} {"uuid": "a148d051-c343-4b53-8256-05da3671f23f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4020", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3moqmnb5soe2u", "content": "Hackers are exploiting CVE-2026-4020 in Gravity SMTP, a WordPress plugin on 100,000 sites, to expose API keys, secrets, and OAuth tokens via a REST endpoint. #GravitySMTP #CVE20264020 #Wordfence", "creation_timestamp": "2026-06-20T19:45:52.553522Z"} https://vulnerability.circl.lu/sighting/a148d051-c343-4b53-8256-05da3671f23f/export Sat, 20 Jun 2026 19:45:52 +0000 0795ddfa-66db-4cd6-aa4a-8c0f97c07f67 https://vulnerability.circl.lu/sighting/0795ddfa-66db-4cd6-aa4a-8c0f97c07f67/export {"uuid": "0795ddfa-66db-4cd6-aa4a-8c0f97c07f67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-4020", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116784587739948914", "content": "\ud83d\udcf0 Hackers Actively Exploit Gravity SMTP Flaw (CVE-2026-4020) to Steal API Keys from 100K WordPress Sites\n\ud83d\udce2 ATTENTION WordPress Admins: A flaw in the Gravity SMTP plugin (CVE-2026-4020) is being mass-exploited to steal API keys. 100K sites at risk. Update to v2.1.5 & rotate all email service credentials NOW! #WordPress #Vulnerability #CyberSecurity\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/gravity-smtp-wordpress-plugin-flaw-cve-2026-4020-activel\u2026", "creation_timestamp": "2026-06-20T21:36:37.283802Z"} {"uuid": "0795ddfa-66db-4cd6-aa4a-8c0f97c07f67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-4020", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116784587739948914", "content": "\ud83d\udcf0 Hackers Actively Exploit Gravity SMTP Flaw (CVE-2026-4020) to Steal API Keys from 100K WordPress Sites\n\ud83d\udce2 ATTENTION WordPress Admins: A flaw in the Gravity SMTP plugin (CVE-2026-4020) is being mass-exploited to steal API keys. 100K sites at risk. Update to v2.1.5 & rotate all email service credentials NOW! #WordPress #Vulnerability #CyberSecurity\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/gravity-smtp-wordpress-plugin-flaw-cve-2026-4020-activel\u2026", "creation_timestamp": "2026-06-20T21:36:37.283802Z"} https://vulnerability.circl.lu/sighting/0795ddfa-66db-4cd6-aa4a-8c0f97c07f67/export Sat, 20 Jun 2026 21:36:37 +0000 b7c6df63-e973-4023-a9ee-9dcf46366b3a https://vulnerability.circl.lu/sighting/b7c6df63-e973-4023-a9ee-9dcf46366b3a/export {"uuid": "b7c6df63-e973-4023-a9ee-9dcf46366b3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4020", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3moqsuuhr352e", "content": "\ud83d\udce2 ATTENTION WordPress Admins: A flaw in the Gravity SMTP plugin (CVE-2026-4020) is being mass-exploited to steal API keys. 100K sites at risk. Update to v2.1.5 & rotate all email service credentials NOW! #WordPress #Vulnerability #CyberSecurity\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-20T21:37:02.286766Z"} {"uuid": "b7c6df63-e973-4023-a9ee-9dcf46366b3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4020", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3moqsuuhr352e", "content": "\ud83d\udce2 ATTENTION WordPress Admins: A flaw in the Gravity SMTP plugin (CVE-2026-4020) is being mass-exploited to steal API keys. 100K sites at risk. Update to v2.1.5 & rotate all email service credentials NOW! #WordPress #Vulnerability #CyberSecurity\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-20T21:37:02.286766Z"} https://vulnerability.circl.lu/sighting/b7c6df63-e973-4023-a9ee-9dcf46366b3a/export Sat, 20 Jun 2026 21:37:02 +0000 05ada68b-379c-4fe9-8121-65d3f6d023f9 https://vulnerability.circl.lu/sighting/05ada68b-379c-4fe9-8121-65d3f6d023f9/export {"uuid": "05ada68b-379c-4fe9-8121-65d3f6d023f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4020", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/116785138273435767", "content": "A Gravity SMTP WordPress plugin flaw is already being exploited.\nCVE-2026-4020 can expose API keys, OAuth tokens, and system data through an unauthenticated REST API endpoint.\nWordfence says it has blocked 17M+ exploit attempts.\nRead the full story: https://thehackernews.com/2026/06/hackers-exploit-gravity-smtp-wordpress.html", "creation_timestamp": "2026-06-20T23:56:30.867097Z"} {"uuid": "05ada68b-379c-4fe9-8121-65d3f6d023f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4020", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/116785138273435767", "content": "A Gravity SMTP WordPress plugin flaw is already being exploited.\nCVE-2026-4020 can expose API keys, OAuth tokens, and system data through an unauthenticated REST API endpoint.\nWordfence says it has blocked 17M+ exploit attempts.\nRead the full story: https://thehackernews.com/2026/06/hackers-exploit-gravity-smtp-wordpress.html", "creation_timestamp": "2026-06-20T23:56:30.867097Z"} https://vulnerability.circl.lu/sighting/05ada68b-379c-4fe9-8121-65d3f6d023f9/export Sat, 20 Jun 2026 23:56:30 +0000 cc89c12f-7d91-4a43-9f42-52de5c2e0d44 https://vulnerability.circl.lu/sighting/cc89c12f-7d91-4a43-9f42-52de5c2e0d44/export {"uuid": "cc89c12f-7d91-4a43-9f42-52de5c2e0d44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4020", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mordczgryp2n", "content": "Top 3 CVE for last 7 days:\nCVE-2026-50656: 27 interactions\nCVE-2026-54420: 27 interactions\nCVE-2026-20262: 22 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-9082: 12 interactions\nCVE-2026-11551: 5 interactions\nCVE-2026-4020: 4 interactions\n", "creation_timestamp": "2026-06-21T02:33:27.721018Z"} {"uuid": "cc89c12f-7d91-4a43-9f42-52de5c2e0d44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4020", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mordczgryp2n", "content": "Top 3 CVE for last 7 days:\nCVE-2026-50656: 27 interactions\nCVE-2026-54420: 27 interactions\nCVE-2026-20262: 22 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-9082: 12 interactions\nCVE-2026-11551: 5 interactions\nCVE-2026-4020: 4 interactions\n", "creation_timestamp": "2026-06-21T02:33:27.721018Z"} https://vulnerability.circl.lu/sighting/cc89c12f-7d91-4a43-9f42-52de5c2e0d44/export Sun, 21 Jun 2026 02:33:27 +0000 9db6d681-4c7c-4037-9c58-02ff4d209725 https://vulnerability.circl.lu/sighting/9db6d681-4c7c-4037-9c58-02ff4d209725/export {"uuid": "9db6d681-4c7c-4037-9c58-02ff4d209725", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4020", "type": "seen", "source": "https://bsky.app/profile/newssecia.bsky.social/post/3mos42sedb32w", "content": "\ud83e\udd16 CVE-2026-4020 (CVSS 5.3): Active exploitation of Gravity SMTP WordPress plugin (~100k sites). Unauthenticated attackers extract API keys, secrets & OAuth tokens. Patch available.\nhttps://thehackernews.com/2026/06/hackers-exploit-gravity-smtp-wordpress.html", "creation_timestamp": "2026-06-21T09:54:04.612803Z"} {"uuid": "9db6d681-4c7c-4037-9c58-02ff4d209725", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4020", "type": "seen", "source": "https://bsky.app/profile/newssecia.bsky.social/post/3mos42sedb32w", "content": "\ud83e\udd16 CVE-2026-4020 (CVSS 5.3): Active exploitation of Gravity SMTP WordPress plugin (~100k sites). Unauthenticated attackers extract API keys, secrets & OAuth tokens. Patch available.\nhttps://thehackernews.com/2026/06/hackers-exploit-gravity-smtp-wordpress.html", "creation_timestamp": "2026-06-21T09:54:04.612803Z"} https://vulnerability.circl.lu/sighting/9db6d681-4c7c-4037-9c58-02ff4d209725/export Sun, 21 Jun 2026 09:54:04 +0000 a9ca767b-da80-40c9-b173-d8cd8d494bb2 https://vulnerability.circl.lu/sighting/a9ca767b-da80-40c9-b173-d8cd8d494bb2/export {"uuid": "a9ca767b-da80-40c9-b173-d8cd8d494bb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4020", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3moses5jsnc2h", "content": "Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys\n\nThreat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites.\n\nThe vulnerability, tracked as CVE-2026-4020 (CVSS score: 5.3), i\u2026\n#hackernews #news", "creation_timestamp": "2026-06-21T12:30:17.939459Z"} {"uuid": "a9ca767b-da80-40c9-b173-d8cd8d494bb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4020", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3moses5jsnc2h", "content": "Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys\n\nThreat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites.\n\nThe vulnerability, tracked as CVE-2026-4020 (CVSS score: 5.3), i\u2026\n#hackernews #news", "creation_timestamp": "2026-06-21T12:30:17.939459Z"} https://vulnerability.circl.lu/sighting/a9ca767b-da80-40c9-b173-d8cd8d494bb2/export Sun, 21 Jun 2026 12:30:17 +0000 bcddf82f-f69a-4b8e-8980-d12d2005b01d https://vulnerability.circl.lu/sighting/bcddf82f-f69a-4b8e-8980-d12d2005b01d/export {"uuid": "bcddf82f-f69a-4b8e-8980-d12d2005b01d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4020", "type": "seen", "source": "https://bsky.app/profile/guardian360.bsky.social/post/3moui5bnqnw2c", "content": "The vulnerability, tracked as CVE-2026-4020 (CVSS score: 5.3), is a medium-severity information disclosure flaw that can allow unauthenticated attackers to extract sensitive data, such as configuration data, API keys, secrets, and OAuth tokens configured for the plugin's email", "creation_timestamp": "2026-06-22T08:35:31.869136Z"} {"uuid": "bcddf82f-f69a-4b8e-8980-d12d2005b01d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4020", "type": "seen", "source": "https://bsky.app/profile/guardian360.bsky.social/post/3moui5bnqnw2c", "content": "The vulnerability, tracked as CVE-2026-4020 (CVSS score: 5.3), is a medium-severity information disclosure flaw that can allow unauthenticated attackers to extract sensitive data, such as configuration data, API keys, secrets, and OAuth tokens configured for the plugin's email", "creation_timestamp": "2026-06-22T08:35:31.869136Z"} https://vulnerability.circl.lu/sighting/bcddf82f-f69a-4b8e-8980-d12d2005b01d/export Mon, 22 Jun 2026 08:35:31 +0000 64c72cea-5657-43e9-9714-34f637c94743 https://vulnerability.circl.lu/sighting/64c72cea-5657-43e9-9714-34f637c94743/export {"uuid": "64c72cea-5657-43e9-9714-34f637c94743", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4020", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mouwwwtnvt2o", "content": "Attackers are exploiting CVE-2026-4020 in Gravity SMTP before 2.1.5 to pull system reports from WordPress sites, exposing server details, config data, API keys, tokens, and email credentials. #GravitySMTP #CVE2026-4020 #WordPress", "creation_timestamp": "2026-06-22T13:00:25.492116Z"} {"uuid": "64c72cea-5657-43e9-9714-34f637c94743", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4020", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mouwwwtnvt2o", "content": "Attackers are exploiting CVE-2026-4020 in Gravity SMTP before 2.1.5 to pull system reports from WordPress sites, exposing server details, config data, API keys, tokens, and email credentials. #GravitySMTP #CVE2026-4020 #WordPress", "creation_timestamp": "2026-06-22T13:00:25.492116Z"} https://vulnerability.circl.lu/sighting/64c72cea-5657-43e9-9714-34f637c94743/export Mon, 22 Jun 2026 13:00:25 +0000