<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Thu, 16 Jul 2026 23:53:18 +0000</lastBuildDate>
    <item>
      <title>7659dd7a-bd42-42a1-872c-44e7a9df2128</title>
      <link>https://vulnerability.circl.lu/sighting/7659dd7a-bd42-42a1-872c-44e7a9df2128/export</link>
      <description>{"uuid": "7659dd7a-bd42-42a1-872c-44e7a9df2128", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45068", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqrkv7liw422", "content": "\ud83d\udccc CVE-2026-45068 - Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, Sendmai... https://www.cyberhub.blog/cves/CVE-2026-45068", "creation_timestamp": "2026-07-16T15:37:06.885875Z"}</description>
      <content:encoded>{"uuid": "7659dd7a-bd42-42a1-872c-44e7a9df2128", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45068", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqrkv7liw422", "content": "\ud83d\udccc CVE-2026-45068 - Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, Sendmai... https://www.cyberhub.blog/cves/CVE-2026-45068", "creation_timestamp": "2026-07-16T15:37:06.885875Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/7659dd7a-bd42-42a1-872c-44e7a9df2128/export</guid>
      <pubDate>Thu, 16 Jul 2026 15:37:06 +0000</pubDate>
    </item>
    <item>
      <title>954f40de-6a3a-47cc-bd6c-3072f6b910a2</title>
      <link>https://vulnerability.circl.lu/sighting/954f40de-6a3a-47cc-bd6c-3072f6b910a2/export</link>
      <description>{"uuid": "954f40de-6a3a-47cc-bd6c-3072f6b910a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45069", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqratdmms32f", "content": "\ud83d\udccc CVE-2026-45069 - Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 6.4.40, 7.4.12, and 8.0.12, OidcTokenHandle... https://www.cyberhub.blog/cves/CVE-2026-45069", "creation_timestamp": "2026-07-16T12:37:06.316953Z"}</description>
      <content:encoded>{"uuid": "954f40de-6a3a-47cc-bd6c-3072f6b910a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45069", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqratdmms32f", "content": "\ud83d\udccc CVE-2026-45069 - Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 6.4.40, 7.4.12, and 8.0.12, OidcTokenHandle... https://www.cyberhub.blog/cves/CVE-2026-45069", "creation_timestamp": "2026-07-16T12:37:06.316953Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/954f40de-6a3a-47cc-bd6c-3072f6b910a2/export</guid>
      <pubDate>Thu, 16 Jul 2026 12:37:06 +0000</pubDate>
    </item>
    <item>
      <title>ad03f805-c8b2-4a68-acc0-9acb647be187</title>
      <link>https://vulnerability.circl.lu/sighting/ad03f805-c8b2-4a68-acc0-9acb647be187/export</link>
      <description>{"uuid": "ad03f805-c8b2-4a68-acc0-9acb647be187", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45063", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqqv3teuww2t", "content": "\ud83d\udccc CVE-2026-45063 - Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, X509Aut... https://www.cyberhub.blog/cves/CVE-2026-45063", "creation_timestamp": "2026-07-16T09:07:08.994752Z"}</description>
      <content:encoded>{"uuid": "ad03f805-c8b2-4a68-acc0-9acb647be187", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45063", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqqv3teuww2t", "content": "\ud83d\udccc CVE-2026-45063 - Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, X509Aut... https://www.cyberhub.blog/cves/CVE-2026-45063", "creation_timestamp": "2026-07-16T09:07:08.994752Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ad03f805-c8b2-4a68-acc0-9acb647be187/export</guid>
      <pubDate>Thu, 16 Jul 2026 09:07:08 +0000</pubDate>
    </item>
    <item>
      <title>40f33f91-d004-4751-bc3c-20e64fbe88da</title>
      <link>https://vulnerability.circl.lu/sighting/40f33f91-d004-4751-bc3c-20e64fbe88da/export</link>
      <description>{"uuid": "40f33f91-d004-4751-bc3c-20e64fbe88da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45063", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqofzkhzrh2l", "content": "CVE-2026-45063 - symfony\nA flaw in Debian Linux allows attackers to run malicious code on a remote system without needing a password. This could lead to unauthorized access and data theft. Debian\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#symfony #debian #Debian11 #CVE #infosec", "creation_timestamp": "2026-07-15T09:32:04.432449Z"}</description>
      <content:encoded>{"uuid": "40f33f91-d004-4751-bc3c-20e64fbe88da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45063", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqofzkhzrh2l", "content": "CVE-2026-45063 - symfony\nA flaw in Debian Linux allows attackers to run malicious code on a remote system without needing a password. This could lead to unauthorized access and data theft. Debian\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#symfony #debian #Debian11 #CVE #infosec", "creation_timestamp": "2026-07-15T09:32:04.432449Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/40f33f91-d004-4751-bc3c-20e64fbe88da/export</guid>
      <pubDate>Wed, 15 Jul 2026 09:32:04 +0000</pubDate>
    </item>
    <item>
      <title>2ed833d6-dbb3-4add-90cb-b8344165caec</title>
      <link>https://vulnerability.circl.lu/sighting/2ed833d6-dbb3-4add-90cb-b8344165caec/export</link>
      <description>{"uuid": "2ed833d6-dbb3-4add-90cb-b8344165caec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45069", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqmyzr2zyk2w", "content": "CVE-2026-45069 - Symfony: OidcTokenHandler Accepts JWTs Missing aud/iss/exp Claims\nCVE ID : CVE-2026-45069\n \n Published : July 14, 2026, 7:17 p.m. | 13\u00a0minutes ago\n \n Description : Symfony is a PHP framework for web and console applications and a set of reusable PHP components...", "creation_timestamp": "2026-07-14T20:06:53.011515Z"}</description>
      <content:encoded>{"uuid": "2ed833d6-dbb3-4add-90cb-b8344165caec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45069", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqmyzr2zyk2w", "content": "CVE-2026-45069 - Symfony: OidcTokenHandler Accepts JWTs Missing aud/iss/exp Claims\nCVE ID : CVE-2026-45069\n \n Published : July 14, 2026, 7:17 p.m. | 13\u00a0minutes ago\n \n Description : Symfony is a PHP framework for web and console applications and a set of reusable PHP components...", "creation_timestamp": "2026-07-14T20:06:53.011515Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/2ed833d6-dbb3-4add-90cb-b8344165caec/export</guid>
      <pubDate>Tue, 14 Jul 2026 20:06:53 +0000</pubDate>
    </item>
    <item>
      <title>2f85b204-df83-4cce-9348-4187f1a1e7b1</title>
      <link>https://vulnerability.circl.lu/sighting/2f85b204-df83-4cce-9348-4187f1a1e7b1/export</link>
      <description>{"uuid": "2f85b204-df83-4cce-9348-4187f1a1e7b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45064", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqmymy5n7m2t", "content": "CVE-2026-45064 - Symfony: HtmlSanitizer URL Attributes Pass Through BiDi Override Characters \u2192 Visual href Spoofing\nCVE ID : CVE-2026-45064\n \n Published : July 14, 2026, 7:17 p.m. | 13\u00a0minutes ago\n \n Description : Symfony is a PHP framework for web and console applications and...", "creation_timestamp": "2026-07-14T19:59:43.973362Z"}</description>
      <content:encoded>{"uuid": "2f85b204-df83-4cce-9348-4187f1a1e7b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45064", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqmymy5n7m2t", "content": "CVE-2026-45064 - Symfony: HtmlSanitizer URL Attributes Pass Through BiDi Override Characters \u2192 Visual href Spoofing\nCVE ID : CVE-2026-45064\n \n Published : July 14, 2026, 7:17 p.m. | 13\u00a0minutes ago\n \n Description : Symfony is a PHP framework for web and console applications and...", "creation_timestamp": "2026-07-14T19:59:43.973362Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/2f85b204-df83-4cce-9348-4187f1a1e7b1/export</guid>
      <pubDate>Tue, 14 Jul 2026 19:59:43 +0000</pubDate>
    </item>
    <item>
      <title>edd5f173-c76f-4147-b01e-fcca8b9ac18d</title>
      <link>https://vulnerability.circl.lu/sighting/edd5f173-c76f-4147-b01e-fcca8b9ac18d/export</link>
      <description>{"uuid": "edd5f173-c76f-4147-b01e-fcca8b9ac18d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45063", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqmxjszsha2t", "content": "CVE-2026-45063 - symfony\nAn attacker with a fake client certificate can pretend to be someone else when using two-factor authentication with a trusted certificate. This affects Symfony when it uses client\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#symfony #composer #CVE #infosec", "creation_timestamp": "2026-07-14T19:40:04.488632Z"}</description>
      <content:encoded>{"uuid": "edd5f173-c76f-4147-b01e-fcca8b9ac18d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45063", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqmxjszsha2t", "content": "CVE-2026-45063 - symfony\nAn attacker with a fake client certificate can pretend to be someone else when using two-factor authentication with a trusted certificate. This affects Symfony when it uses client\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#symfony #composer #CVE #infosec", "creation_timestamp": "2026-07-14T19:40:04.488632Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/edd5f173-c76f-4147-b01e-fcca8b9ac18d/export</guid>
      <pubDate>Tue, 14 Jul 2026 19:40:04 +0000</pubDate>
    </item>
    <item>
      <title>b04d4063-c757-4a47-a6ec-12d91c188ac4</title>
      <link>https://vulnerability.circl.lu/sighting/b04d4063-c757-4a47-a6ec-12d91c188ac4/export</link>
      <description>{"uuid": "b04d4063-c757-4a47-a6ec-12d91c188ac4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45060", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mo2qe7oetf2r", "content": "ClipBucket v5.5.3\u672a\u6e80\u3067\u306f\u3001\u8a8d\u8a3c\u3055\u308c\u3066\u3044\u306a\u3044\u30e6\u30fc\u30b6\u30fc\u304cprogress_video.php\u306eids\u30d1\u30e9\u30e1\u30fc\u30bf\u3067SQL\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u3092\u60aa\u7528\u3057\u3001\u6a5f\u5bc6\u30c7\u30fc\u30bf\u3092\u7a83\u53d6\u3059\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002\nCVE-2026-45060 CVSS 9.8 | CRITICAL", "creation_timestamp": "2026-06-12T02:53:21.660294Z"}</description>
      <content:encoded>{"uuid": "b04d4063-c757-4a47-a6ec-12d91c188ac4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45060", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mo2qe7oetf2r", "content": "ClipBucket v5.5.3\u672a\u6e80\u3067\u306f\u3001\u8a8d\u8a3c\u3055\u308c\u3066\u3044\u306a\u3044\u30e6\u30fc\u30b6\u30fc\u304cprogress_video.php\u306eids\u30d1\u30e9\u30e1\u30fc\u30bf\u3067SQL\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u3092\u60aa\u7528\u3057\u3001\u6a5f\u5bc6\u30c7\u30fc\u30bf\u3092\u7a83\u53d6\u3059\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002\nCVE-2026-45060 CVSS 9.8 | CRITICAL", "creation_timestamp": "2026-06-12T02:53:21.660294Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b04d4063-c757-4a47-a6ec-12d91c188ac4/export</guid>
      <pubDate>Fri, 12 Jun 2026 02:53:21 +0000</pubDate>
    </item>
    <item>
      <title>c29e94cf-9d9f-44d0-8d6a-36ded3caba08</title>
      <link>https://vulnerability.circl.lu/sighting/c29e94cf-9d9f-44d0-8d6a-36ded3caba08/export</link>
      <description>{"uuid": "c29e94cf-9d9f-44d0-8d6a-36ded3caba08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45060", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mo2nr25qwa2r", "content": "CVE-2026-45060 - Critical unauthenticated blind SQLi in ClipBucket v5. CVSS 9.8. Attackers can exfiltrate sensitive data via the ids parameter. Update to 5.5.3 - #129 immediately. #CVE #infosec #ClipBucket\n\nhttps://www.valtersit.com/cve/CVE-2026-45060/", "creation_timestamp": "2026-06-12T02:06:50.792025Z"}</description>
      <content:encoded>{"uuid": "c29e94cf-9d9f-44d0-8d6a-36ded3caba08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45060", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mo2nr25qwa2r", "content": "CVE-2026-45060 - Critical unauthenticated blind SQLi in ClipBucket v5. CVSS 9.8. Attackers can exfiltrate sensitive data via the ids parameter. Update to 5.5.3 - #129 immediately. #CVE #infosec #ClipBucket\n\nhttps://www.valtersit.com/cve/CVE-2026-45060/", "creation_timestamp": "2026-06-12T02:06:50.792025Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c29e94cf-9d9f-44d0-8d6a-36ded3caba08/export</guid>
      <pubDate>Fri, 12 Jun 2026 02:06:50 +0000</pubDate>
    </item>
    <item>
      <title>54d6e7cd-6fdc-4eb2-8ed0-21c2c84c23fe</title>
      <link>https://vulnerability.circl.lu/sighting/54d6e7cd-6fdc-4eb2-8ed0-21c2c84c23fe/export</link>
      <description>{"uuid": "54d6e7cd-6fdc-4eb2-8ed0-21c2c84c23fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-45060", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mo2lpwxev72r", "content": "\ud83d\udea8 CRITICAL vuln: ClipBucket v5 (&amp;lt;5.5.3) blind SQL injection in progress_video.php \u2014 unauthenticated attackers can steal data. Patch to v5.5.3 now! https://radar.offseq.com/threat/cve-2026-45060-cwe-89-improper-neutralization-of-s-b8ad08b0 #OffSeq #SQLInjection #Vulnerability", "creation_timestamp": "2026-06-12T01:30:26.901165Z"}</description>
      <content:encoded>{"uuid": "54d6e7cd-6fdc-4eb2-8ed0-21c2c84c23fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-45060", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mo2lpwxev72r", "content": "\ud83d\udea8 CRITICAL vuln: ClipBucket v5 (&amp;lt;5.5.3) blind SQL injection in progress_video.php \u2014 unauthenticated attackers can steal data. Patch to v5.5.3 now! https://radar.offseq.com/threat/cve-2026-45060-cwe-89-improper-neutralization-of-s-b8ad08b0 #OffSeq #SQLInjection #Vulnerability", "creation_timestamp": "2026-06-12T01:30:26.901165Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/54d6e7cd-6fdc-4eb2-8ed0-21c2c84c23fe/export</guid>
      <pubDate>Fri, 12 Jun 2026 01:30:26 +0000</pubDate>
    </item>
  </channel>
</rss>
