https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 31 May 2026 23:48:49 +0000 https://vulnerability.circl.lu/sighting/856e6e42-3ab0-4dff-a546-070812a88691/export {"uuid": "856e6e42-3ab0-4dff-a546-070812a88691", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44548", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlp5eh2e672e", "content": "CVE-2026-44548 - ChurchCRM: CSRF via legacy GET-delete pages (FundRaiserDelete.php, PropertyTypeDelete.php, NoteDelete.php)\nCVE ID : CVE-2026-44548\n \n Published : May 12, 2026, 11:16 p.m. | 1\u00a0hour, 9\u00a0minutes ago\n \n Description : ChurchCRM is an open-source church management sy...", "creation_timestamp": "2026-05-13T01:23:47.961696Z"} {"uuid": "856e6e42-3ab0-4dff-a546-070812a88691", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44548", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlp5eh2e672e", "content": "CVE-2026-44548 - ChurchCRM: CSRF via legacy GET-delete pages (FundRaiserDelete.php, PropertyTypeDelete.php, NoteDelete.php)\nCVE ID : CVE-2026-44548\n \n Published : May 12, 2026, 11:16 p.m. | 1\u00a0hour, 9\u00a0minutes ago\n \n Description : ChurchCRM is an open-source church management sy...", "creation_timestamp": "2026-05-13T01:23:47.961696Z"} https://vulnerability.circl.lu/sighting/856e6e42-3ab0-4dff-a546-070812a88691/export Wed, 13 May 2026 01:23:47 +0000 https://vulnerability.circl.lu/sighting/92dbb930-75ae-434a-8369-8784d926200c/export {"uuid": "92dbb930-75ae-434a-8369-8784d926200c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44547", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlp7gkadlq2v", "content": "CVE-2026-44547 - ChurchCRM: Incomplete fix for CVE-2026-40582: public API login still bypasses 2FA and account lockout in ChurchCRM 7.2.2\nCVE ID : CVE-2026-44547\n \n Published : May 12, 2026, 11:16 p.m. | 1\u00a0hour, 14\u00a0minutes ago\n \n Description : ChurchCRM is an open-source churc...", "creation_timestamp": "2026-05-13T02:00:45.882500Z"} {"uuid": "92dbb930-75ae-434a-8369-8784d926200c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44547", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlp7gkadlq2v", "content": "CVE-2026-44547 - ChurchCRM: Incomplete fix for CVE-2026-40582: public API login still bypasses 2FA and account lockout in ChurchCRM 7.2.2\nCVE ID : CVE-2026-44547\n \n Published : May 12, 2026, 11:16 p.m. | 1\u00a0hour, 14\u00a0minutes ago\n \n Description : ChurchCRM is an open-source churc...", "creation_timestamp": "2026-05-13T02:00:45.882500Z"} https://vulnerability.circl.lu/sighting/92dbb930-75ae-434a-8369-8784d926200c/export Wed, 13 May 2026 02:00:45 +0000 https://vulnerability.circl.lu/sighting/5950661e-ae43-49e8-bd07-88fc193f1584/export {"uuid": "5950661e-ae43-49e8-bd07-88fc193f1584", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44547", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlp7yh4nla2i", "content": "CVE-2026-44547 - ChurchCRM: Incomplete fix for CVE-2026-40582: public API login still bypasses 2FA and account lockout in ChurchCRM 7.2.2\nCVE ID : CVE-2026-44547\n \n Published : May 12, 2026, 11:16 p.m. | 1\u00a0hour, 9\u00a0minutes ago\n \n Description : ChurchCRM is an open-source church...", "creation_timestamp": "2026-05-13T02:10:46.573881Z"} {"uuid": "5950661e-ae43-49e8-bd07-88fc193f1584", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44547", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlp7yh4nla2i", "content": "CVE-2026-44547 - ChurchCRM: Incomplete fix for CVE-2026-40582: public API login still bypasses 2FA and account lockout in ChurchCRM 7.2.2\nCVE ID : CVE-2026-44547\n \n Published : May 12, 2026, 11:16 p.m. | 1\u00a0hour, 9\u00a0minutes ago\n \n Description : ChurchCRM is an open-source church...", "creation_timestamp": "2026-05-13T02:10:46.573881Z"} https://vulnerability.circl.lu/sighting/5950661e-ae43-49e8-bd07-88fc193f1584/export Wed, 13 May 2026 02:10:46 +0000 https://vulnerability.circl.lu/sighting/48e2f0e2-ce7a-4c8d-9919-f110fc1085cb/export {"uuid": "48e2f0e2-ce7a-4c8d-9919-f110fc1085cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44547", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlpdczvqto2g", "content": "\ud83d\udd34 CVE-2026-44547 - Critical (9.6)\n\nChurchCRM is an open-source church management system. From 7.2.0 to 7.2.2, The fix for CVE-2026-4...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-44547/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-13T03:10:23.757397Z"} {"uuid": "48e2f0e2-ce7a-4c8d-9919-f110fc1085cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44547", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlpdczvqto2g", "content": "\ud83d\udd34 CVE-2026-44547 - Critical (9.6)\n\nChurchCRM is an open-source church management system. From 7.2.0 to 7.2.2, The fix for CVE-2026-4...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-44547/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-13T03:10:23.757397Z"} https://vulnerability.circl.lu/sighting/48e2f0e2-ce7a-4c8d-9919-f110fc1085cb/export Wed, 13 May 2026 03:10:23 +0000 https://vulnerability.circl.lu/sighting/c6e263a2-4ee4-4193-8c43-95d606ceb0d7/export {"uuid": "c6e263a2-4ee4-4193-8c43-95d606ceb0d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44548", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlpddbew5w2g", "content": "\ud83d\udfe0 CVE-2026-44548 - High (8.1)\n\nChurchCRM is an open-source church management system. Prior to 7.3.2, top-level cross-site GET na...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-44548/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-13T03:10:31.746129Z"} {"uuid": "c6e263a2-4ee4-4193-8c43-95d606ceb0d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44548", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlpddbew5w2g", "content": "\ud83d\udfe0 CVE-2026-44548 - High (8.1)\n\nChurchCRM is an open-source church management system. Prior to 7.3.2, top-level cross-site GET na...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-44548/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-13T03:10:31.746129Z"} https://vulnerability.circl.lu/sighting/c6e263a2-4ee4-4193-8c43-95d606ceb0d7/export Wed, 13 May 2026 03:10:31 +0000 https://vulnerability.circl.lu/sighting/f96c2e24-7d96-4767-9b77-62e310ff1b0d/export {"uuid": "f96c2e24-7d96-4767-9b77-62e310ff1b0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44542", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mltfj43q4y2l", "content": "CRITICAL: gtsteffaniak FileBrowser Quantum (<1.3.1-stable, <1.3.9-beta) vulnerable to path traversal (CVE-2026-44542) \u2014 attackers can delete files outside shared dirs. Upgrade now! \ud83d\udea8 https://radar.offseq.com/threat/cve-2026-44542-cwe-22-improper-limitation-of-a-pat-f7d1f33b #OffSeq #vulnerability...", "creation_timestamp": "2026-05-14T18:00:13.692256Z"} {"uuid": "f96c2e24-7d96-4767-9b77-62e310ff1b0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44542", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mltfj43q4y2l", "content": "CRITICAL: gtsteffaniak FileBrowser Quantum (<1.3.1-stable, <1.3.9-beta) vulnerable to path traversal (CVE-2026-44542) \u2014 attackers can delete files outside shared dirs. Upgrade now! \ud83d\udea8 https://radar.offseq.com/threat/cve-2026-44542-cwe-22-improper-limitation-of-a-pat-f7d1f33b #OffSeq #vulnerability...", "creation_timestamp": "2026-05-14T18:00:13.692256Z"} https://vulnerability.circl.lu/sighting/f96c2e24-7d96-4767-9b77-62e310ff1b0d/export Thu, 14 May 2026 18:00:13 +0000 https://vulnerability.circl.lu/sighting/89411b43-374b-46e4-b5ee-c5828c15d1e9/export {"uuid": "89411b43-374b-46e4-b5ee-c5828c15d1e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44542", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116574231625366098", "content": "\ud83d\udea8 CRITICAL: CVE-2026-44542 in gtsteffaniak FileBrowser Quantum (<1.3.1-stable, <1.3.9-beta) allows unauthenticated file deletion via path traversal. Upgrade to fixed versions ASAP for protection! https://radar.offseq.com/threat/cve-2026-44542-cwe-22-improper-limitation-of-a-pat-f7d1f33b #OffSeq #vulnerability #FileBrowser #cybersecurity", "creation_timestamp": "2026-05-14T18:02:13.443525Z"} {"uuid": "89411b43-374b-46e4-b5ee-c5828c15d1e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44542", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116574231625366098", "content": "\ud83d\udea8 CRITICAL: CVE-2026-44542 in gtsteffaniak FileBrowser Quantum (<1.3.1-stable, <1.3.9-beta) allows unauthenticated file deletion via path traversal. Upgrade to fixed versions ASAP for protection! https://radar.offseq.com/threat/cve-2026-44542-cwe-22-improper-limitation-of-a-pat-f7d1f33b #OffSeq #vulnerability #FileBrowser #cybersecurity", "creation_timestamp": "2026-05-14T18:02:13.443525Z"} https://vulnerability.circl.lu/sighting/89411b43-374b-46e4-b5ee-c5828c15d1e9/export Thu, 14 May 2026 18:02:13 +0000 https://vulnerability.circl.lu/sighting/79f91043-5e11-4ce8-8408-6ee244095327/export {"uuid": "79f91043-5e11-4ce8-8408-6ee244095327", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44549", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mlws46qntr2f", "content": "Open WebUI 0.8.0\u672a\u6e80\u3067\u3001\u7d30\u5de5\u3055\u308c\u305fExcel\u30d5\u30a1\u30a4\u30eb\u306b\u3088\u308aXSS\u8106\u5f31\u6027\u304c\u767a\u751f\u3002\u653b\u6483\u8005\u306fHTML\u306b\u60aa\u610f\u306e\u3042\u308b\u30b3\u30fc\u30c9\u3092\u57cb\u3081\u8fbc\u307f\u3001DOM\u306b\u633f\u5165\u3055\u308c\u308b\u53ef\u80fd\u6027\u304c\u3042\u308b\u3002\nCVE-2026-44549 CVSS 7.3 | HIGH", "creation_timestamp": "2026-05-16T02:23:37.676428Z"} {"uuid": "79f91043-5e11-4ce8-8408-6ee244095327", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44549", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mlws46qntr2f", "content": "Open WebUI 0.8.0\u672a\u6e80\u3067\u3001\u7d30\u5de5\u3055\u308c\u305fExcel\u30d5\u30a1\u30a4\u30eb\u306b\u3088\u308aXSS\u8106\u5f31\u6027\u304c\u767a\u751f\u3002\u653b\u6483\u8005\u306fHTML\u306b\u60aa\u610f\u306e\u3042\u308b\u30b3\u30fc\u30c9\u3092\u57cb\u3081\u8fbc\u307f\u3001DOM\u306b\u633f\u5165\u3055\u308c\u308b\u53ef\u80fd\u6027\u304c\u3042\u308b\u3002\nCVE-2026-44549 CVSS 7.3 | HIGH", "creation_timestamp": "2026-05-16T02:23:37.676428Z"} https://vulnerability.circl.lu/sighting/79f91043-5e11-4ce8-8408-6ee244095327/export Sat, 16 May 2026 02:23:37 +0000 https://vulnerability.circl.lu/sighting/cfbf247e-7602-4516-8873-7654644a7a5b/export {"uuid": "cfbf247e-7602-4516-8873-7654644a7a5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44543", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmwm5qtmgk2e", "content": "\ud83d\udfe0 CVE-2026-44543 - High (8.7)\n\nLocal Path Provisioner provides a way for the Kubernetes users to utilize the local storage in ea...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-44543/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-28T18:02:19.920149Z"} {"uuid": "cfbf247e-7602-4516-8873-7654644a7a5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44543", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmwm5qtmgk2e", "content": "\ud83d\udfe0 CVE-2026-44543 - High (8.7)\n\nLocal Path Provisioner provides a way for the Kubernetes users to utilize the local storage in ea...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-44543/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-28T18:02:19.920149Z"} https://vulnerability.circl.lu/sighting/cfbf247e-7602-4516-8873-7654644a7a5b/export Thu, 28 May 2026 18:02:19 +0000 https://vulnerability.circl.lu/sighting/bef83f90-0c7a-4bc5-b62c-a374b7b23f9e/export {"uuid": "bef83f90-0c7a-4bc5-b62c-a374b7b23f9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44543", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwskzrhml2t", "content": "CVE-2026-44543 - Local Path Provisioner: HelperPod Template Injection\nCVE ID : CVE-2026-44543\n \n Published : May 28, 2026, 5:16 p.m. | 1\u00a0hour, 54\u00a0minutes ago\n \n Description : Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each no...", "creation_timestamp": "2026-05-28T19:57:07.314747Z"} {"uuid": "bef83f90-0c7a-4bc5-b62c-a374b7b23f9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44543", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwskzrhml2t", "content": "CVE-2026-44543 - Local Path Provisioner: HelperPod Template Injection\nCVE ID : CVE-2026-44543\n \n Published : May 28, 2026, 5:16 p.m. | 1\u00a0hour, 54\u00a0minutes ago\n \n Description : Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each no...", "creation_timestamp": "2026-05-28T19:57:07.314747Z"} https://vulnerability.circl.lu/sighting/bef83f90-0c7a-4bc5-b62c-a374b7b23f9e/export Thu, 28 May 2026 19:57:07 +0000