<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the 10 most recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sat, 04 Jul 2026 16:42:38 +0000</lastBuildDate>
    <item>
      <title>55e880ed-ff88-4984-99a9-4669108f2566</title>
      <link>https://vulnerability.circl.lu/sighting/55e880ed-ff88-4984-99a9-4669108f2566/export</link>
      <description>{"uuid": "55e880ed-ff88-4984-99a9-4669108f2566", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-51923", "type": "seen", "source": "https://gist.github.com/ZeroBreach-GmbH/f582fe0ded3bcccead7a7e90fca8c107", "content": "##### Description\n\nAn Insecure Direct Object Reference (IDOR) vulnerability exists in the application\u2019s user management functionality that allows an authenticated attacker to modify or retrieve sensitive data associated with other users\u2019 accounts.\n\n##### Details\n\n*   **Product:** docuForm FSM Server\n*   **Affected Versions:** 11.11c\n*   **Vulnerability Type:** CWE-639: Authorization Bypass Through User-Controlled Key\n*   **Risk Level:** High - CVSS 3.1: 8.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)\n*   **Vendor URL:** www.docuform.de\n*   **Vendor acknowledged vulnerability:** Yes\n*   **CVE:** CVE-2026-51923\n\n##### Impact\n\nAn authenticated attacker who exploits this IDOR\u2011based vulnerability can gain full control over other users\u2019 accounts, resulting in account takeover.\n\n##### References\n\n*   [National Vulnerability Database CVE-2026-51923](https://nvd.nist.gov/vuln/detail/CVE-2026-51923)\n*   [ZeroBreach GmbH - CVE-2026-51923](https://zerobreach.de/blog/security-advisories/CVE-2026-51923.html)\n\n##### Timeline\n\n*   **2025-10:** Vulnerability reported to the vendor.\n*   **2025-11:** Vendor published a fix for the issue.\n*   **2026-06:** Information about the vulnerability is published.\n\n##### Credits\n\n*   Bastian Recktenwald ([Bastian.Recktenwald@ZeroBreach.de](mailto:Bastian.Recktenwald@ZeroBreach.de))", "creation_timestamp": "2026-07-01T08:44:39.256275Z"}</description>
      <content:encoded>{"uuid": "55e880ed-ff88-4984-99a9-4669108f2566", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-51923", "type": "seen", "source": "https://gist.github.com/ZeroBreach-GmbH/f582fe0ded3bcccead7a7e90fca8c107", "content": "##### Description\n\nAn Insecure Direct Object Reference (IDOR) vulnerability exists in the application\u2019s user management functionality that allows an authenticated attacker to modify or retrieve sensitive data associated with other users\u2019 accounts.\n\n##### Details\n\n*   **Product:** docuForm FSM Server\n*   **Affected Versions:** 11.11c\n*   **Vulnerability Type:** CWE-639: Authorization Bypass Through User-Controlled Key\n*   **Risk Level:** High - CVSS 3.1: 8.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)\n*   **Vendor URL:** www.docuform.de\n*   **Vendor acknowledged vulnerability:** Yes\n*   **CVE:** CVE-2026-51923\n\n##### Impact\n\nAn authenticated attacker who exploits this IDOR\u2011based vulnerability can gain full control over other users\u2019 accounts, resulting in account takeover.\n\n##### References\n\n*   [National Vulnerability Database CVE-2026-51923](https://nvd.nist.gov/vuln/detail/CVE-2026-51923)\n*   [ZeroBreach GmbH - CVE-2026-51923](https://zerobreach.de/blog/security-advisories/CVE-2026-51923.html)\n\n##### Timeline\n\n*   **2025-10:** Vulnerability reported to the vendor.\n*   **2025-11:** Vendor published a fix for the issue.\n*   **2026-06:** Information about the vulnerability is published.\n\n##### Credits\n\n*   Bastian Recktenwald ([Bastian.Recktenwald@ZeroBreach.de](mailto:Bastian.Recktenwald@ZeroBreach.de))", "creation_timestamp": "2026-07-01T08:44:39.256275Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/55e880ed-ff88-4984-99a9-4669108f2566/export</guid>
      <pubDate>Wed, 01 Jul 2026 08:44:39 +0000</pubDate>
    </item>
    <item>
      <title>4a75b8f9-fe42-48aa-8d29-18537746987e</title>
      <link>https://vulnerability.circl.lu/sighting/4a75b8f9-fe42-48aa-8d29-18537746987e/export</link>
      <description>{"uuid": "4a75b8f9-fe42-48aa-8d29-18537746987e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-51924", "type": "seen", "source": "https://gist.github.com/ZeroBreach-GmbH/530286989ec11137978035020d84bdc4", "content": "##### Description\n\nMissing Input validation in combination with other vulnerabilities allows an attacker to achieve Remote Code Execution (RCE). The application fails to properly sanitize user-supplied input during multiple access points which allows an attacker to conduct arbitrary code execution on the system.\n\n##### Details\n\n*   **Product:** docuForm FSM Client\n*   **Affected Versions:** 11.11c\n*   **Vulnerability Type:** CWE-20: Improper Input Validation\n*   **Risk Level:** High - CVSS 3.1: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n*   **Vendor URL:** www.docuform.de\n*   **Vendor acknowledged vulnerability:** Yes\n*   **Vendor Status:** Fixed\n*   **CVE:** CVE-2026-51924\n\n##### Impact\n\nSuccessful exploitation of this vulnerability allows an authenticated remote attacker to execute arbitrary code on the target system. This could lead to a complete compromise of the application, including unauthorized access to sensitive data and modification of system configurations.\n\n##### References\n\n*   [National Vulnerability Database CVE-2026-51924](https://nvd.nist.gov/vuln/detail/CVE-2026-51924)\n*   [ZeroBreach GmbH - CVE-2026-51924](https://zerobreach.de/blog/security-advisories/CVE-2026-51924.html)\n\n##### Timeline\n\n*   **2025-10:** Vulnerability reported to the vendor.\n*   **2025-11:** Vendor published a fix for the issue.\n*   **2026-06:** Information about the vulnerability is published.\n\n##### Credits\n\n*   Bastian Recktenwald ([Bastian.Recktenwald@ZeroBreach.de](mailto:Bastian.Recktenwald@ZeroBreach.de))", "creation_timestamp": "2026-07-01T08:42:09.274492Z"}</description>
      <content:encoded>{"uuid": "4a75b8f9-fe42-48aa-8d29-18537746987e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-51924", "type": "seen", "source": "https://gist.github.com/ZeroBreach-GmbH/530286989ec11137978035020d84bdc4", "content": "##### Description\n\nMissing Input validation in combination with other vulnerabilities allows an attacker to achieve Remote Code Execution (RCE). The application fails to properly sanitize user-supplied input during multiple access points which allows an attacker to conduct arbitrary code execution on the system.\n\n##### Details\n\n*   **Product:** docuForm FSM Client\n*   **Affected Versions:** 11.11c\n*   **Vulnerability Type:** CWE-20: Improper Input Validation\n*   **Risk Level:** High - CVSS 3.1: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n*   **Vendor URL:** www.docuform.de\n*   **Vendor acknowledged vulnerability:** Yes\n*   **Vendor Status:** Fixed\n*   **CVE:** CVE-2026-51924\n\n##### Impact\n\nSuccessful exploitation of this vulnerability allows an authenticated remote attacker to execute arbitrary code on the target system. This could lead to a complete compromise of the application, including unauthorized access to sensitive data and modification of system configurations.\n\n##### References\n\n*   [National Vulnerability Database CVE-2026-51924](https://nvd.nist.gov/vuln/detail/CVE-2026-51924)\n*   [ZeroBreach GmbH - CVE-2026-51924](https://zerobreach.de/blog/security-advisories/CVE-2026-51924.html)\n\n##### Timeline\n\n*   **2025-10:** Vulnerability reported to the vendor.\n*   **2025-11:** Vendor published a fix for the issue.\n*   **2026-06:** Information about the vulnerability is published.\n\n##### Credits\n\n*   Bastian Recktenwald ([Bastian.Recktenwald@ZeroBreach.de](mailto:Bastian.Recktenwald@ZeroBreach.de))", "creation_timestamp": "2026-07-01T08:42:09.274492Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/4a75b8f9-fe42-48aa-8d29-18537746987e/export</guid>
      <pubDate>Wed, 01 Jul 2026 08:42:09 +0000</pubDate>
    </item>
    <item>
      <title>70c8b415-5647-492c-903e-a465a6a4f0a5</title>
      <link>https://vulnerability.circl.lu/sighting/70c8b415-5647-492c-903e-a465a6a4f0a5/export</link>
      <description>{"uuid": "70c8b415-5647-492c-903e-a465a6a4f0a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-51925", "type": "seen", "source": "https://gist.github.com/ZeroBreach-GmbH/09e05b53c3a5e34e9a060860fb2412ba", "content": "##### Description\n\nA Local File Inclusion (LFI) vulnerability exists in the affected web application due to insufficient sanitization of user-supplied input in a file path parameter. Attackers can exploit this flaw to read arbitrary files on the server, including sensitive configuration files, source code or system files.\n\n##### Details\n\n*   **Product:** docuForm FSM Server\n*   **Affected Versions:** 11.11c\n*   **Vulnerability Type:** CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')\n*   **Risk Level:** Medium - CVSS 3.1: 6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n*   **Vendor URL:** www.docuform.de\n*   **Vendor acknowledged vulnerability:** Yes\n*   **CVE:** CVE-2026-51925\n\n##### Impact\n\nSuccessful exploitation of this Local File Inclusion vulnerability allows remote attackers to read arbitrary files on the affected server, potentially exposing sensitive information such as configuration files, user credentials or system data like /etc/passwd.\n\n##### References\n\n*   [National Vulnerability Database CVE-2026-51925](https://nvd.nist.gov/vuln/detail/CVE-2026-51925)\n*   [ZeroBreach GmbH - CVE-2026-51925](https://zerobreach.de/blog/security-advisories/CVE-2026-51925.html)\n\n##### Timeline\n\n*   **2025-10:** Vulnerability reported to the vendor.\n*   **2025-11:** Vendor published a fix for the issue.\n*   **2026-06:** Information about the vulnerability is published.\n\n##### Credits\n\n*   Bastian Recktenwald ([Bastian.Recktenwald@ZeroBreach.de](mailto:Bastian.Recktenwald@ZeroBreach.de))", "creation_timestamp": "2026-07-01T08:34:03.308463Z"}</description>
      <content:encoded>{"uuid": "70c8b415-5647-492c-903e-a465a6a4f0a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-51925", "type": "seen", "source": "https://gist.github.com/ZeroBreach-GmbH/09e05b53c3a5e34e9a060860fb2412ba", "content": "##### Description\n\nA Local File Inclusion (LFI) vulnerability exists in the affected web application due to insufficient sanitization of user-supplied input in a file path parameter. Attackers can exploit this flaw to read arbitrary files on the server, including sensitive configuration files, source code or system files.\n\n##### Details\n\n*   **Product:** docuForm FSM Server\n*   **Affected Versions:** 11.11c\n*   **Vulnerability Type:** CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')\n*   **Risk Level:** Medium - CVSS 3.1: 6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n*   **Vendor URL:** www.docuform.de\n*   **Vendor acknowledged vulnerability:** Yes\n*   **CVE:** CVE-2026-51925\n\n##### Impact\n\nSuccessful exploitation of this Local File Inclusion vulnerability allows remote attackers to read arbitrary files on the affected server, potentially exposing sensitive information such as configuration files, user credentials or system data like /etc/passwd.\n\n##### References\n\n*   [National Vulnerability Database CVE-2026-51925](https://nvd.nist.gov/vuln/detail/CVE-2026-51925)\n*   [ZeroBreach GmbH - CVE-2026-51925](https://zerobreach.de/blog/security-advisories/CVE-2026-51925.html)\n\n##### Timeline\n\n*   **2025-10:** Vulnerability reported to the vendor.\n*   **2025-11:** Vendor published a fix for the issue.\n*   **2026-06:** Information about the vulnerability is published.\n\n##### Credits\n\n*   Bastian Recktenwald ([Bastian.Recktenwald@ZeroBreach.de](mailto:Bastian.Recktenwald@ZeroBreach.de))", "creation_timestamp": "2026-07-01T08:34:03.308463Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/70c8b415-5647-492c-903e-a465a6a4f0a5/export</guid>
      <pubDate>Wed, 01 Jul 2026 08:34:03 +0000</pubDate>
    </item>
    <item>
      <title>8c549731-dac5-464b-aba7-45ad62c9bd35</title>
      <link>https://vulnerability.circl.lu/sighting/8c549731-dac5-464b-aba7-45ad62c9bd35/export</link>
      <description>{"uuid": "8c549731-dac5-464b-aba7-45ad62c9bd35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-51926", "type": "seen", "source": "https://gist.github.com/ZeroBreach-GmbH/50b019f73861d09a85ddaa8f0f239511", "content": "##### Description\n\nA vulnerability was identified in the authentication mechanism that allows user enumeration through the login interface. An attacker can differentiate between valid and invalid usernames based on variations in server responses. This information can be leveraged to identify existing accounts and facilitate further attacks, including brute-force or credential stuffing.\n\n##### Details\n\n*   **Product:** docuForm FSM Server\n*   **Affected Versions:** 11.11c\n*   **Vulnerability Type:** CWE-204: Observable Response Discrepancy\n*   **Risk Level:** Medium - CVSS 3.1: 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n*   **Vendor URL:** www.docuform.de\n*   **CVE:** CVE-2026-51926\n\n##### Impact\n\nAn attacker can exploit this vulnerability to enumerate valid usernames through the login interface by observing differences in error messages for valid versus invalid usernames. This information disclosure can be used to compile a list of active accounts, which may facilitate targeted brute\u2011force, credential\u2011stuffing or social\u2011engineering attacks against identified users.\n\n##### References\n\n*   [National Vulnerability Database CVE-2026-51926](https://nvd.nist.gov/vuln/detail/CVE-2026-51926)\n*   [ZeroBreach GmbH - CVE-2026-51926](https://zerobreach.de/blog/security-advisories/CVE-2026-51926.html)\n\n##### Timeline\n\n*   **2025-10:** Vulnerability reported to the vendor.\n*   **2025-11:** Vendor published a fix for the issue.\n*   **2026-06:** Information about the vulnerability is published.\n\n##### Credits\n\n*   Bastian Recktenwald ([Bastian.Recktenwald@ZeroBreach.de](mailto:Bastian.Recktenwald@ZeroBreach.de))", "creation_timestamp": "2026-07-01T08:31:20.588803Z"}</description>
      <content:encoded>{"uuid": "8c549731-dac5-464b-aba7-45ad62c9bd35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-51926", "type": "seen", "source": "https://gist.github.com/ZeroBreach-GmbH/50b019f73861d09a85ddaa8f0f239511", "content": "##### Description\n\nA vulnerability was identified in the authentication mechanism that allows user enumeration through the login interface. An attacker can differentiate between valid and invalid usernames based on variations in server responses. This information can be leveraged to identify existing accounts and facilitate further attacks, including brute-force or credential stuffing.\n\n##### Details\n\n*   **Product:** docuForm FSM Server\n*   **Affected Versions:** 11.11c\n*   **Vulnerability Type:** CWE-204: Observable Response Discrepancy\n*   **Risk Level:** Medium - CVSS 3.1: 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n*   **Vendor URL:** www.docuform.de\n*   **CVE:** CVE-2026-51926\n\n##### Impact\n\nAn attacker can exploit this vulnerability to enumerate valid usernames through the login interface by observing differences in error messages for valid versus invalid usernames. This information disclosure can be used to compile a list of active accounts, which may facilitate targeted brute\u2011force, credential\u2011stuffing or social\u2011engineering attacks against identified users.\n\n##### References\n\n*   [National Vulnerability Database CVE-2026-51926](https://nvd.nist.gov/vuln/detail/CVE-2026-51926)\n*   [ZeroBreach GmbH - CVE-2026-51926](https://zerobreach.de/blog/security-advisories/CVE-2026-51926.html)\n\n##### Timeline\n\n*   **2025-10:** Vulnerability reported to the vendor.\n*   **2025-11:** Vendor published a fix for the issue.\n*   **2026-06:** Information about the vulnerability is published.\n\n##### Credits\n\n*   Bastian Recktenwald ([Bastian.Recktenwald@ZeroBreach.de](mailto:Bastian.Recktenwald@ZeroBreach.de))", "creation_timestamp": "2026-07-01T08:31:20.588803Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/8c549731-dac5-464b-aba7-45ad62c9bd35/export</guid>
      <pubDate>Wed, 01 Jul 2026 08:31:20 +0000</pubDate>
    </item>
    <item>
      <title>e1669b9d-6e94-4065-8dfc-b4f12f411603</title>
      <link>https://vulnerability.circl.lu/sighting/e1669b9d-6e94-4065-8dfc-b4f12f411603/export</link>
      <description>{"uuid": "e1669b9d-6e94-4065-8dfc-b4f12f411603", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5192", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3ml4vbop5o62n", "content": "\ud83d\udfe0 CVE-2026-5192 - High (7.5)\n\nThe Forminator Forms \u2013 Contact Form, Payment Form &amp;amp; Custom Form Builder plugin for WordPress is...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-5192/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-05T19:11:10.380165Z"}</description>
      <content:encoded>{"uuid": "e1669b9d-6e94-4065-8dfc-b4f12f411603", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5192", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3ml4vbop5o62n", "content": "\ud83d\udfe0 CVE-2026-5192 - High (7.5)\n\nThe Forminator Forms \u2013 Contact Form, Payment Form &amp;amp; Custom Form Builder plugin for WordPress is...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-5192/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-05T19:11:10.380165Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e1669b9d-6e94-4065-8dfc-b4f12f411603/export</guid>
      <pubDate>Tue, 05 May 2026 19:11:10 +0000</pubDate>
    </item>
    <item>
      <title>3f8d8485-f297-4493-96a5-364cdd6fbd0e</title>
      <link>https://vulnerability.circl.lu/sighting/3f8d8485-f297-4493-96a5-364cdd6fbd0e/export</link>
      <description>{"uuid": "3f8d8485-f297-4493-96a5-364cdd6fbd0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5192", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml3ynbiewp2p", "content": "CVE-2026-5192 - Forminator Forms \u2013 Contact Form, Payment Form &amp;amp; Custom Form Builder\nCVE ID : CVE-2026-5192\n \n Published : May 5, 2026, 7:16 a.m. | 1\u00a0hour, 19\u00a0minutes ago\n \n Description : The Forminator Forms \u2013 Contact Form, Payment Form &amp;amp; Custom Form Builder plugin for Wor...", "creation_timestamp": "2026-05-05T10:38:40.136202Z"}</description>
      <content:encoded>{"uuid": "3f8d8485-f297-4493-96a5-364cdd6fbd0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5192", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml3ynbiewp2p", "content": "CVE-2026-5192 - Forminator Forms \u2013 Contact Form, Payment Form &amp;amp; Custom Form Builder\nCVE ID : CVE-2026-5192\n \n Published : May 5, 2026, 7:16 a.m. | 1\u00a0hour, 19\u00a0minutes ago\n \n Description : The Forminator Forms \u2013 Contact Form, Payment Form &amp;amp; Custom Form Builder plugin for Wor...", "creation_timestamp": "2026-05-05T10:38:40.136202Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3f8d8485-f297-4493-96a5-364cdd6fbd0e/export</guid>
      <pubDate>Tue, 05 May 2026 10:38:40 +0000</pubDate>
    </item>
  </channel>
</rss>
