<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sun, 12 Jul 2026 05:30:34 +0000</lastBuildDate>
    <item>
      <title>92241f74-9bb1-4c15-a1f3-dfe9156270a2</title>
      <link>https://vulnerability.circl.lu/sighting/92241f74-9bb1-4c15-a1f3-dfe9156270a2/export</link>
      <description>{"uuid": "92241f74-9bb1-4c15-a1f3-dfe9156270a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41880", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqd3brx24f2e", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-41880 \u0432 R-SOFT DMS: \u0443\u0433\u0440\u043e\u0437\u0430 OS Command Injection \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 OCR\n\n\n\nhttps://kripta.biz/posts/3DFBCB9E-3018-43AB-B580-7A3CACDD274F", "creation_timestamp": "2026-07-10T21:20:32.547148Z"}</description>
      <content:encoded>{"uuid": "92241f74-9bb1-4c15-a1f3-dfe9156270a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41880", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqd3brx24f2e", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-41880 \u0432 R-SOFT DMS: \u0443\u0433\u0440\u043e\u0437\u0430 OS Command Injection \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 OCR\n\n\n\nhttps://kripta.biz/posts/3DFBCB9E-3018-43AB-B580-7A3CACDD274F", "creation_timestamp": "2026-07-10T21:20:32.547148Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/92241f74-9bb1-4c15-a1f3-dfe9156270a2/export</guid>
      <pubDate>Fri, 10 Jul 2026 21:20:32 +0000</pubDate>
    </item>
    <item>
      <title>998dfd67-e6de-481f-93a9-97505012979c</title>
      <link>https://vulnerability.circl.lu/sighting/998dfd67-e6de-481f-93a9-97505012979c/export</link>
      <description>{"uuid": "998dfd67-e6de-481f-93a9-97505012979c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-41880", "type": "seen", "source": "https://cert.pl/en/posts/2026/07/CVE-2026-41876", "content": "", "creation_timestamp": "2026-07-10T16:15:05.662442Z"}</description>
      <content:encoded>{"uuid": "998dfd67-e6de-481f-93a9-97505012979c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-41880", "type": "seen", "source": "https://cert.pl/en/posts/2026/07/CVE-2026-41876", "content": "", "creation_timestamp": "2026-07-10T16:15:05.662442Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/998dfd67-e6de-481f-93a9-97505012979c/export</guid>
      <pubDate>Fri, 10 Jul 2026 16:15:05 +0000</pubDate>
    </item>
    <item>
      <title>11bfc150-8bdc-4577-8f92-d99fdf7b9a0a</title>
      <link>https://vulnerability.circl.lu/sighting/11bfc150-8bdc-4577-8f92-d99fdf7b9a0a/export</link>
      <description>{"uuid": "11bfc150-8bdc-4577-8f92-d99fdf7b9a0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41880", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqcdu6sfwq2e", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-41880 \u0432 R-SOFT DMS: \u0443\u0433\u0440\u043e\u0437\u0430 OS Command Injection \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 \u0440\u0430\u0441\u043f\u043e\u0437\u043d\u0430\u0432\u0430\u043d\u0438\u044f \u0442\u0435\u043a\u0441\u0442\u0430\n\n\n\nhttps://kripta.biz/posts/F61B40B1-6651-4D57-A411-F4C7B52835FC", "creation_timestamp": "2026-07-10T14:21:19.835572Z"}</description>
      <content:encoded>{"uuid": "11bfc150-8bdc-4577-8f92-d99fdf7b9a0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41880", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqcdu6sfwq2e", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-41880 \u0432 R-SOFT DMS: \u0443\u0433\u0440\u043e\u0437\u0430 OS Command Injection \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 \u0440\u0430\u0441\u043f\u043e\u0437\u043d\u0430\u0432\u0430\u043d\u0438\u044f \u0442\u0435\u043a\u0441\u0442\u0430\n\n\n\nhttps://kripta.biz/posts/F61B40B1-6651-4D57-A411-F4C7B52835FC", "creation_timestamp": "2026-07-10T14:21:19.835572Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/11bfc150-8bdc-4577-8f92-d99fdf7b9a0a/export</guid>
      <pubDate>Fri, 10 Jul 2026 14:21:19 +0000</pubDate>
    </item>
    <item>
      <title>d5716a4c-ca24-4ec4-906f-c8a5728ff69d</title>
      <link>https://vulnerability.circl.lu/sighting/d5716a4c-ca24-4ec4-906f-c8a5728ff69d/export</link>
      <description>{"uuid": "d5716a4c-ca24-4ec4-906f-c8a5728ff69d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41880", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqc6lxopmc2x", "content": "CVE-2026-41880 - OS Command Injection in R-SOFT DMS\nCVE ID : CVE-2026-41880\n \n Published : July 10, 2026, 10:16 a.m. | 1\u00a0hour, 32\u00a0minutes ago\n \n Description : R-SOFT DMS is vulnerable to\u00a0OS Command Injection in the Optical Character Recognition (OCR) module. Multiple command e...", "creation_timestamp": "2026-07-10T12:47:15.405587Z"}</description>
      <content:encoded>{"uuid": "d5716a4c-ca24-4ec4-906f-c8a5728ff69d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41880", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqc6lxopmc2x", "content": "CVE-2026-41880 - OS Command Injection in R-SOFT DMS\nCVE ID : CVE-2026-41880\n \n Published : July 10, 2026, 10:16 a.m. | 1\u00a0hour, 32\u00a0minutes ago\n \n Description : R-SOFT DMS is vulnerable to\u00a0OS Command Injection in the Optical Character Recognition (OCR) module. Multiple command e...", "creation_timestamp": "2026-07-10T12:47:15.405587Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d5716a4c-ca24-4ec4-906f-c8a5728ff69d/export</guid>
      <pubDate>Fri, 10 Jul 2026 12:47:15 +0000</pubDate>
    </item>
    <item>
      <title>e43f28d0-62db-442b-8326-3153ddb8878c</title>
      <link>https://vulnerability.circl.lu/sighting/e43f28d0-62db-442b-8326-3153ddb8878c/export</link>
      <description>{"uuid": "e43f28d0-62db-442b-8326-3153ddb8878c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41880", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqc3ykh4gg24", "content": "CVE-2026-41880: CRITICAL OS Command Injection in R-SOFT SERWIS DMS OCR module. Authenticated attackers can gain root via crafted uploads. Patch to v3.19-2862/3.17-2580 now. https://radar.offseq.com/threat/cve-2026-41880-cwe-78-improper-neutralization-of-s-9acc4d130ed96ca2 #OffSeq #infosec #CVE202...", "creation_timestamp": "2026-07-10T12:00:37.059319Z"}</description>
      <content:encoded>{"uuid": "e43f28d0-62db-442b-8326-3153ddb8878c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41880", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqc3ykh4gg24", "content": "CVE-2026-41880: CRITICAL OS Command Injection in R-SOFT SERWIS DMS OCR module. Authenticated attackers can gain root via crafted uploads. Patch to v3.19-2862/3.17-2580 now. https://radar.offseq.com/threat/cve-2026-41880-cwe-78-improper-neutralization-of-s-9acc4d130ed96ca2 #OffSeq #infosec #CVE202...", "creation_timestamp": "2026-07-10T12:00:37.059319Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e43f28d0-62db-442b-8326-3153ddb8878c/export</guid>
      <pubDate>Fri, 10 Jul 2026 12:00:37 +0000</pubDate>
    </item>
    <item>
      <title>bfe80ffc-9f84-48cf-97a3-f408f749b9e1</title>
      <link>https://vulnerability.circl.lu/sighting/bfe80ffc-9f84-48cf-97a3-f408f749b9e1/export</link>
      <description>{"uuid": "bfe80ffc-9f84-48cf-97a3-f408f749b9e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41880", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116895569307199764", "content": "CVE-2026-41880 | CRITICAL OS Command Injection in R-SOFT SERWIS DMS OCR module. Authenticated users can execute root commands via crafted uploads. Patched in v3.19-2862/3.17-2580. Upgrade now: https://radar.offseq.com/threat/cve-2026-41880-cwe-78-improper-neutralization-of-s-9acc4d130ed96ca2 #OffSeq #infosec #vulnerability #CVE202641880", "creation_timestamp": "2026-07-10T12:00:35.221298Z"}</description>
      <content:encoded>{"uuid": "bfe80ffc-9f84-48cf-97a3-f408f749b9e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41880", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116895569307199764", "content": "CVE-2026-41880 | CRITICAL OS Command Injection in R-SOFT SERWIS DMS OCR module. Authenticated users can execute root commands via crafted uploads. Patched in v3.19-2862/3.17-2580. Upgrade now: https://radar.offseq.com/threat/cve-2026-41880-cwe-78-improper-neutralization-of-s-9acc4d130ed96ca2 #OffSeq #infosec #vulnerability #CVE202641880", "creation_timestamp": "2026-07-10T12:00:35.221298Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/bfe80ffc-9f84-48cf-97a3-f408f749b9e1/export</guid>
      <pubDate>Fri, 10 Jul 2026 12:00:35 +0000</pubDate>
    </item>
    <item>
      <title>ffbe42a9-48cd-4ed0-89cd-37113e7cbae3</title>
      <link>https://vulnerability.circl.lu/sighting/ffbe42a9-48cd-4ed0-89cd-37113e7cbae3/export</link>
      <description>{"uuid": "ffbe42a9-48cd-4ed0-89cd-37113e7cbae3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41880", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqbz2mejxm2h", "content": "CVE-2026-41880 - dms\nAn attacker can upload a malicious file to R-SOFT DMS and execute system commands as the root user. This can allow unauthorized access to the system and potentially lead to data theft or system\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#dms #CVE #infosec", "creation_timestamp": "2026-07-10T11:08:04.261107Z"}</description>
      <content:encoded>{"uuid": "ffbe42a9-48cd-4ed0-89cd-37113e7cbae3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41880", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqbz2mejxm2h", "content": "CVE-2026-41880 - dms\nAn attacker can upload a malicious file to R-SOFT DMS and execute system commands as the root user. This can allow unauthorized access to the system and potentially lead to data theft or system\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#dms #CVE #infosec", "creation_timestamp": "2026-07-10T11:08:04.261107Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ffbe42a9-48cd-4ed0-89cd-37113e7cbae3/export</guid>
      <pubDate>Fri, 10 Jul 2026 11:08:04 +0000</pubDate>
    </item>
  </channel>
</rss>
