<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sat, 11 Jul 2026 13:03:20 +0000</lastBuildDate>
    <item>
      <title>d1bd056c-5392-46f5-83c9-ea2e583ec713</title>
      <link>https://vulnerability.circl.lu/sighting/d1bd056c-5392-46f5-83c9-ea2e583ec713/export</link>
      <description>{"uuid": "d1bd056c-5392-46f5-83c9-ea2e583ec713", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-57807", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqdobmy6nq2d", "content": "miniOrange OAuth SSO (&amp;lt;=38.5.8) is affected by CRITICAL CVE-2026-57807: authentication bypass via password recovery. No patch \u2014 watch for updates and secure affected systems. https://radar.offseq.com/threat/cve-2026-57807-cwe-288-authentication-bypass-using-85e6dbb16ac48da8 #OffSeq #OAuth #Vulner...", "creation_timestamp": "2026-07-11T03:00:28.627120Z"}</description>
      <content:encoded>{"uuid": "d1bd056c-5392-46f5-83c9-ea2e583ec713", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-57807", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqdobmy6nq2d", "content": "miniOrange OAuth SSO (&amp;lt;=38.5.8) is affected by CRITICAL CVE-2026-57807: authentication bypass via password recovery. No patch \u2014 watch for updates and secure affected systems. https://radar.offseq.com/threat/cve-2026-57807-cwe-288-authentication-bypass-using-85e6dbb16ac48da8 #OffSeq #OAuth #Vulner...", "creation_timestamp": "2026-07-11T03:00:28.627120Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d1bd056c-5392-46f5-83c9-ea2e583ec713/export</guid>
      <pubDate>Sat, 11 Jul 2026 03:00:28 +0000</pubDate>
    </item>
    <item>
      <title>6520bdb9-8fcc-4cb2-a602-466bc3e9031a</title>
      <link>https://vulnerability.circl.lu/sighting/6520bdb9-8fcc-4cb2-a602-466bc3e9031a/export</link>
      <description>{"uuid": "6520bdb9-8fcc-4cb2-a602-466bc3e9031a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-57807", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116899107707038521", "content": "CVE-2026-57807 | CRITICAL auth bypass in miniOrange OAuth SSO (&amp;lt;=38.5.8). Exploit via password recovery threatens full compromise. No patch yet \u2014 monitor for vendor updates. https://radar.offseq.com/threat/cve-2026-57807-cwe-288-authentication-bypass-using-85e6dbb16ac48da8 #OffSeq #CVE202657807 #OAuth #Security", "creation_timestamp": "2026-07-11T03:00:26.831919Z"}</description>
      <content:encoded>{"uuid": "6520bdb9-8fcc-4cb2-a602-466bc3e9031a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-57807", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116899107707038521", "content": "CVE-2026-57807 | CRITICAL auth bypass in miniOrange OAuth SSO (&amp;lt;=38.5.8). Exploit via password recovery threatens full compromise. No patch yet \u2014 monitor for vendor updates. https://radar.offseq.com/threat/cve-2026-57807-cwe-288-authentication-bypass-using-85e6dbb16ac48da8 #OffSeq #CVE202657807 #OAuth #Security", "creation_timestamp": "2026-07-11T03:00:26.831919Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/6520bdb9-8fcc-4cb2-a602-466bc3e9031a/export</guid>
      <pubDate>Sat, 11 Jul 2026 03:00:26 +0000</pubDate>
    </item>
    <item>
      <title>5db1ac1b-5fd3-4823-a374-673ddf3b3e25</title>
      <link>https://vulnerability.circl.lu/sighting/5db1ac1b-5fd3-4823-a374-673ddf3b3e25/export</link>
      <description>{"uuid": "5db1ac1b-5fd3-4823-a374-673ddf3b3e25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57807", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdmq2jue32e", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-57807 \u0432 miniOrange: \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u0430\u043b\u044c\u0442\u0435\u0440\u043d\u0430\u0442\u0438\u0432\u043d\u044b\u0439 \u043a\u0430\u043d\u0430\u043b\n\n\n\nhttps://kripta.biz/posts/6228B95A-3683-4D68-A0DF-456519ACB9CF", "creation_timestamp": "2026-07-11T02:32:44.578138Z"}</description>
      <content:encoded>{"uuid": "5db1ac1b-5fd3-4823-a374-673ddf3b3e25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57807", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdmq2jue32e", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-57807 \u0432 miniOrange: \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u0430\u043b\u044c\u0442\u0435\u0440\u043d\u0430\u0442\u0438\u0432\u043d\u044b\u0439 \u043a\u0430\u043d\u0430\u043b\n\n\n\nhttps://kripta.biz/posts/6228B95A-3683-4D68-A0DF-456519ACB9CF", "creation_timestamp": "2026-07-11T02:32:44.578138Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/5db1ac1b-5fd3-4823-a374-673ddf3b3e25/export</guid>
      <pubDate>Sat, 11 Jul 2026 02:32:44 +0000</pubDate>
    </item>
    <item>
      <title>6ae77f09-571f-490a-89c7-0bc64d17c3be</title>
      <link>https://vulnerability.circl.lu/sighting/6ae77f09-571f-490a-89c7-0bc64d17c3be/export</link>
      <description>{"uuid": "6ae77f09-571f-490a-89c7-0bc64d17c3be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57807", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqdbxlqail22", "content": "CVE-2026-57807 - oauth single sign on - sso (oauth client)\nA security issue in miniOrange's OAuth Single Sign On (SSO) software allows attackers to bypass authentication using an alternative method. This affects all versions\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-10T23:20:06.351104Z"}</description>
      <content:encoded>{"uuid": "6ae77f09-571f-490a-89c7-0bc64d17c3be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57807", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqdbxlqail22", "content": "CVE-2026-57807 - oauth single sign on - sso (oauth client)\nA security issue in miniOrange's OAuth Single Sign On (SSO) software allows attackers to bypass authentication using an alternative method. This affects all versions\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-10T23:20:06.351104Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/6ae77f09-571f-490a-89c7-0bc64d17c3be/export</guid>
      <pubDate>Fri, 10 Jul 2026 23:20:06 +0000</pubDate>
    </item>
    <item>
      <title>2dd5ca91-708d-4575-938d-7595ebe21d36</title>
      <link>https://vulnerability.circl.lu/sighting/2dd5ca91-708d-4575-938d-7595ebe21d36/export</link>
      <description>{"uuid": "2dd5ca91-708d-4575-938d-7595ebe21d36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57807", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqd5js45ha2w", "content": "\ud83d\udd34 CVE-2026-57807 - Critical (9.8)\n\nAuthentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Security Sof...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-57807/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-10T22:00:48.866242Z"}</description>
      <content:encoded>{"uuid": "2dd5ca91-708d-4575-938d-7595ebe21d36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57807", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqd5js45ha2w", "content": "\ud83d\udd34 CVE-2026-57807 - Critical (9.8)\n\nAuthentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Security Sof...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-57807/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-10T22:00:48.866242Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/2dd5ca91-708d-4575-938d-7595ebe21d36/export</guid>
      <pubDate>Fri, 10 Jul 2026 22:00:48 +0000</pubDate>
    </item>
  </channel>
</rss>
