<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Fri, 17 Jul 2026 22:55:07 +0000</lastBuildDate>
    <item>
      <title>c9fe9e68-ad0d-4c02-b043-d119391233ad</title>
      <link>https://vulnerability.circl.lu/sighting/c9fe9e68-ad0d-4c02-b043-d119391233ad/export</link>
      <description>{"uuid": "c9fe9e68-ad0d-4c02-b043-d119391233ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46621", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqrxcl3oag2n", "content": "CVE-2026-46621 - Yamcs: Authenticated Remote Code Execution (RCE) via Jython Algorithm Code Injection\nCVE ID : CVE-2026-46621\n \n Published : July 16, 2026, 5:16 p.m. | 1\u00a0hour, 17\u00a0minutes ago\n \n Description : Yamcs is a mission control framework. Prior to 5.12.7, the Yamcs scri...", "creation_timestamp": "2026-07-16T19:19:19.786906Z"}</description>
      <content:encoded>{"uuid": "c9fe9e68-ad0d-4c02-b043-d119391233ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46621", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqrxcl3oag2n", "content": "CVE-2026-46621 - Yamcs: Authenticated Remote Code Execution (RCE) via Jython Algorithm Code Injection\nCVE ID : CVE-2026-46621\n \n Published : July 16, 2026, 5:16 p.m. | 1\u00a0hour, 17\u00a0minutes ago\n \n Description : Yamcs is a mission control framework. Prior to 5.12.7, the Yamcs scri...", "creation_timestamp": "2026-07-16T19:19:19.786906Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c9fe9e68-ad0d-4c02-b043-d119391233ad/export</guid>
      <pubDate>Thu, 16 Jul 2026 19:19:19 +0000</pubDate>
    </item>
    <item>
      <title>721148ec-814f-4e8a-88ec-f61dfd588c21</title>
      <link>https://vulnerability.circl.lu/sighting/721148ec-814f-4e8a-88ec-f61dfd588c21/export</link>
      <description>{"uuid": "721148ec-814f-4e8a-88ec-f61dfd588c21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46621", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqroqkzgbc2j", "content": "CVE-2026-46621 - org.yamcs:yamcs-core\nAn attacker with permission to update mission databases can exploit Yamcs by inserting malicious code into Python algorithms. This allows them to run commands on the server,\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#yamcs #Java #CVE #infosec", "creation_timestamp": "2026-07-16T16:46:05.807082Z"}</description>
      <content:encoded>{"uuid": "721148ec-814f-4e8a-88ec-f61dfd588c21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46621", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqroqkzgbc2j", "content": "CVE-2026-46621 - org.yamcs:yamcs-core\nAn attacker with permission to update mission databases can exploit Yamcs by inserting malicious code into Python algorithms. This allows them to run commands on the server,\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#yamcs #Java #CVE #infosec", "creation_timestamp": "2026-07-16T16:46:05.807082Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/721148ec-814f-4e8a-88ec-f61dfd588c21/export</guid>
      <pubDate>Thu, 16 Jul 2026 16:46:05 +0000</pubDate>
    </item>
    <item>
      <title>31920c73-212e-45e0-8aa4-023c3fd9bf68</title>
      <link>https://vulnerability.circl.lu/sighting/31920c73-212e-45e0-8aa4-023c3fd9bf68/export</link>
      <description>{"uuid": "31920c73-212e-45e0-8aa4-023c3fd9bf68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46622", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moc3io7van2x", "content": "\ud83d\udfe0 CVE-2026-46622 - High (8.1)\n\nSolidInvoice is an open-source invoicing platform. Prior to version 2.3.17, API tokens used to au...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-46622/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-15T01:01:21.272118Z"}</description>
      <content:encoded>{"uuid": "31920c73-212e-45e0-8aa4-023c3fd9bf68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46622", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moc3io7van2x", "content": "\ud83d\udfe0 CVE-2026-46622 - High (8.1)\n\nSolidInvoice is an open-source invoicing platform. Prior to version 2.3.17, API tokens used to au...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-46622/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-15T01:01:21.272118Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/31920c73-212e-45e0-8aa4-023c3fd9bf68/export</guid>
      <pubDate>Mon, 15 Jun 2026 01:01:21 +0000</pubDate>
    </item>
    <item>
      <title>ae625fb0-1f1d-45a3-ad4e-ced3f120bb6d</title>
      <link>https://vulnerability.circl.lu/sighting/ae625fb0-1f1d-45a3-ad4e-ced3f120bb6d/export</link>
      <description>{"uuid": "ae625fb0-1f1d-45a3-ad4e-ced3f120bb6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46622", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mo26xyzixc2d", "content": "CVE-2026-46622 - SolidInvoice: API tokens stored as plaintext in the database allowing full credential compromise on database breach\nCVE ID : CVE-2026-46622\n \n Published : June 11, 2026, 8:16 p.m. | 1\u00a0hour, 3\u00a0minutes ago\n \n Description : SolidInvoice is an open-source invoicin...", "creation_timestamp": "2026-06-11T21:42:18.277180Z"}</description>
      <content:encoded>{"uuid": "ae625fb0-1f1d-45a3-ad4e-ced3f120bb6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46622", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mo26xyzixc2d", "content": "CVE-2026-46622 - SolidInvoice: API tokens stored as plaintext in the database allowing full credential compromise on database breach\nCVE ID : CVE-2026-46622\n \n Published : June 11, 2026, 8:16 p.m. | 1\u00a0hour, 3\u00a0minutes ago\n \n Description : SolidInvoice is an open-source invoicin...", "creation_timestamp": "2026-06-11T21:42:18.277180Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ae625fb0-1f1d-45a3-ad4e-ced3f120bb6d/export</guid>
      <pubDate>Thu, 11 Jun 2026 21:42:18 +0000</pubDate>
    </item>
    <item>
      <title>45a9a976-95a4-4ff2-9ba2-b7d412666871</title>
      <link>https://vulnerability.circl.lu/sighting/45a9a976-95a4-4ff2-9ba2-b7d412666871/export</link>
      <description>{"uuid": "45a9a976-95a4-4ff2-9ba2-b7d412666871", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46625", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mnxtfp7clr23", "content": "CVE-2026-46625 - Prototype Pollution in js-cookie &amp;lt; 3.0.7. CVSS 7.5. Unpatched. Hijacks Object.prototype via __proto__ assignment. Update immediately. #CVE #JavaScript #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-46625/", "creation_timestamp": "2026-06-10T23:09:53.292225Z"}</description>
      <content:encoded>{"uuid": "45a9a976-95a4-4ff2-9ba2-b7d412666871", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46625", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mnxtfp7clr23", "content": "CVE-2026-46625 - Prototype Pollution in js-cookie &amp;lt; 3.0.7. CVSS 7.5. Unpatched. Hijacks Object.prototype via __proto__ assignment. Update immediately. #CVE #JavaScript #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-46625/", "creation_timestamp": "2026-06-10T23:09:53.292225Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/45a9a976-95a4-4ff2-9ba2-b7d412666871/export</guid>
      <pubDate>Wed, 10 Jun 2026 23:09:53 +0000</pubDate>
    </item>
    <item>
      <title>ef32c352-1ca9-4b93-9fdc-478e955ba6c5</title>
      <link>https://vulnerability.circl.lu/sighting/ef32c352-1ca9-4b93-9fdc-478e955ba6c5/export</link>
      <description>{"uuid": "ef32c352-1ca9-4b93-9fdc-478e955ba6c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46624", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mmtwwhceoy2u", "content": "\ud83d\udccc CVE-2026-46624 - Twenty is an open source CRM. From 1.7.7 through 1.16.7, a critical Remote Code Execution (RCE) vulnerability exists in Twenty CRM via a chained SQL I... https://www.cyberhub.blog/cves/CVE-2026-46624", "creation_timestamp": "2026-05-27T16:37:41.423142Z"}</description>
      <content:encoded>{"uuid": "ef32c352-1ca9-4b93-9fdc-478e955ba6c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46624", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mmtwwhceoy2u", "content": "\ud83d\udccc CVE-2026-46624 - Twenty is an open source CRM. From 1.7.7 through 1.16.7, a critical Remote Code Execution (RCE) vulnerability exists in Twenty CRM via a chained SQL I... https://www.cyberhub.blog/cves/CVE-2026-46624", "creation_timestamp": "2026-05-27T16:37:41.423142Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ef32c352-1ca9-4b93-9fdc-478e955ba6c5/export</guid>
      <pubDate>Wed, 27 May 2026 16:37:41 +0000</pubDate>
    </item>
    <item>
      <title>b45c9928-8252-47af-82f8-f3756ade7810</title>
      <link>https://vulnerability.circl.lu/sighting/b45c9928-8252-47af-82f8-f3756ade7810/export</link>
      <description>{"uuid": "b45c9928-8252-47af-82f8-f3756ade7810", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-46621", "type": "published-proof-of-concept", "source": "https://github.com/yamcs/yamcs/security/advisories/GHSA-2g95-6x5q-xjwj", "content": "", "creation_timestamp": "2026-05-21T15:02:27.000000Z"}</description>
      <content:encoded>{"uuid": "b45c9928-8252-47af-82f8-f3756ade7810", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-46621", "type": "published-proof-of-concept", "source": "https://github.com/yamcs/yamcs/security/advisories/GHSA-2g95-6x5q-xjwj", "content": "", "creation_timestamp": "2026-05-21T15:02:27.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b45c9928-8252-47af-82f8-f3756ade7810/export</guid>
      <pubDate>Thu, 21 May 2026 15:02:27 +0000</pubDate>
    </item>
    <item>
      <title>b399e528-6ee0-424a-b777-bb047a4643df</title>
      <link>https://vulnerability.circl.lu/sighting/b399e528-6ee0-424a-b777-bb047a4643df/export</link>
      <description>{"uuid": "b399e528-6ee0-424a-b777-bb047a4643df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46626", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmc3qc4eg22q", "content": "\ud83d\udd17 CVE : CVE-2026-45070, CVE-2026-45077, CVE-2026-45304, CVE-2026-45305, CVE-2026-45753, CVE-2026-45754, CVE-2026-45755, CVE-2026-45756, CVE-2026-46626, CVE-2026-47212", "creation_timestamp": "2026-05-20T14:15:13.876320Z"}</description>
      <content:encoded>{"uuid": "b399e528-6ee0-424a-b777-bb047a4643df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46626", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmc3qc4eg22q", "content": "\ud83d\udd17 CVE : CVE-2026-45070, CVE-2026-45077, CVE-2026-45304, CVE-2026-45305, CVE-2026-45753, CVE-2026-45754, CVE-2026-45755, CVE-2026-45756, CVE-2026-46626, CVE-2026-47212", "creation_timestamp": "2026-05-20T14:15:13.876320Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b399e528-6ee0-424a-b777-bb047a4643df/export</guid>
      <pubDate>Wed, 20 May 2026 14:15:13 +0000</pubDate>
    </item>
    <item>
      <title>5209fcfc-d9bb-47c1-b62e-58291f15df6f</title>
      <link>https://vulnerability.circl.lu/sighting/5209fcfc-d9bb-47c1-b62e-58291f15df6f/export</link>
      <description>{"uuid": "5209fcfc-d9bb-47c1-b62e-58291f15df6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46626", "type": "seen", "source": "https://bsky.app/profile/symfony.com/post/3mmbqwtodhw2b", "content": "\ud83d\udd10 CVE-2026-46626: SymfonyRuntime CVE-2024-50340 Patch Bypass via parse_str/SAPI Argv Mismatch\n\u27a1\ufe0f https://symfony.com/blog/cve-2026-46626-symfonyruntime-cve-2024-50340-patch-bypass-via-parse-str-sapi-argv-mismatch", "creation_timestamp": "2026-05-20T11:02:01.159613Z"}</description>
      <content:encoded>{"uuid": "5209fcfc-d9bb-47c1-b62e-58291f15df6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46626", "type": "seen", "source": "https://bsky.app/profile/symfony.com/post/3mmbqwtodhw2b", "content": "\ud83d\udd10 CVE-2026-46626: SymfonyRuntime CVE-2024-50340 Patch Bypass via parse_str/SAPI Argv Mismatch\n\u27a1\ufe0f https://symfony.com/blog/cve-2026-46626-symfonyruntime-cve-2024-50340-patch-bypass-via-parse-str-sapi-argv-mismatch", "creation_timestamp": "2026-05-20T11:02:01.159613Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/5209fcfc-d9bb-47c1-b62e-58291f15df6f/export</guid>
      <pubDate>Wed, 20 May 2026 11:02:01 +0000</pubDate>
    </item>
    <item>
      <title>961f8605-4db2-49b4-805a-6a98e74d612c</title>
      <link>https://vulnerability.circl.lu/sighting/961f8605-4db2-49b4-805a-6a98e74d612c/export</link>
      <description>{"uuid": "961f8605-4db2-49b4-805a-6a98e74d612c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46627", "type": "seen", "source": "https://bsky.app/profile/symfony.com/post/3mmbpa5zf3m2v", "content": "\ud83d\udd10 CVE-2026-46627: Sandbox does not protect against resource exhaustion\n\u27a1\ufe0f https://symfony.com/blog/cve-2026-46627-sandbox-does-not-protect-against-resource-exhaustion", "creation_timestamp": "2026-05-20T10:31:26.743891Z"}</description>
      <content:encoded>{"uuid": "961f8605-4db2-49b4-805a-6a98e74d612c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46627", "type": "seen", "source": "https://bsky.app/profile/symfony.com/post/3mmbpa5zf3m2v", "content": "\ud83d\udd10 CVE-2026-46627: Sandbox does not protect against resource exhaustion\n\u27a1\ufe0f https://symfony.com/blog/cve-2026-46627-sandbox-does-not-protect-against-resource-exhaustion", "creation_timestamp": "2026-05-20T10:31:26.743891Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/961f8605-4db2-49b4-805a-6a98e74d612c/export</guid>
      <pubDate>Wed, 20 May 2026 10:31:26 +0000</pubDate>
    </item>
  </channel>
</rss>
