<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Fri, 10 Jul 2026 14:21:57 +0000</lastBuildDate>
    <item>
      <title>37eca4da-3cf6-43fb-a933-b60275a91633</title>
      <link>https://vulnerability.circl.lu/sighting/37eca4da-3cf6-43fb-a933-b60275a91633/export</link>
      <description>{"uuid": "37eca4da-3cf6-43fb-a933-b60275a91633", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4080", "type": "seen", "source": "https://t.me/cibsecurity/53222", "content": "\u203c CVE-2022-4080 \u203c\n\nA vulnerability classified as problematic has been found in Opal Login History Plugin. This affects an unknown part of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214047.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-20T16:36:26.000000Z"}</description>
      <content:encoded>{"uuid": "37eca4da-3cf6-43fb-a933-b60275a91633", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4080", "type": "seen", "source": "https://t.me/cibsecurity/53222", "content": "\u203c CVE-2022-4080 \u203c\n\nA vulnerability classified as problematic has been found in Opal Login History Plugin. This affects an unknown part of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214047.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-20T16:36:26.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/37eca4da-3cf6-43fb-a933-b60275a91633/export</guid>
      <pubDate>Sun, 20 Nov 2022 16:36:26 +0000</pubDate>
    </item>
    <item>
      <title>24869b91-6d00-43e0-a698-74d1fa594644</title>
      <link>https://vulnerability.circl.lu/sighting/24869b91-6d00-43e0-a698-74d1fa594644/export</link>
      <description>{"uuid": "24869b91-6d00-43e0-a698-74d1fa594644", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40806", "type": "seen", "source": "https://t.me/cibsecurity/50043", "content": "\u203c CVE-2022-40806 \u203c\n\nThe d8s-uuids for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-19T18:38:14.000000Z"}</description>
      <content:encoded>{"uuid": "24869b91-6d00-43e0-a698-74d1fa594644", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40806", "type": "seen", "source": "https://t.me/cibsecurity/50043", "content": "\u203c CVE-2022-40806 \u203c\n\nThe d8s-uuids for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-19T18:38:14.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/24869b91-6d00-43e0-a698-74d1fa594644/export</guid>
      <pubDate>Mon, 19 Sep 2022 18:38:14 +0000</pubDate>
    </item>
    <item>
      <title>798e3f78-3c22-4ee5-97e6-7305b02aeaeb</title>
      <link>https://vulnerability.circl.lu/sighting/798e3f78-3c22-4ee5-97e6-7305b02aeaeb/export</link>
      <description>{"uuid": "798e3f78-3c22-4ee5-97e6-7305b02aeaeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40807", "type": "seen", "source": "https://t.me/cibsecurity/50042", "content": "\u203c CVE-2022-40807 \u203c\n\nThe d8s-domains for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-19T18:38:12.000000Z"}</description>
      <content:encoded>{"uuid": "798e3f78-3c22-4ee5-97e6-7305b02aeaeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40807", "type": "seen", "source": "https://t.me/cibsecurity/50042", "content": "\u203c CVE-2022-40807 \u203c\n\nThe d8s-domains for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-19T18:38:12.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/798e3f78-3c22-4ee5-97e6-7305b02aeaeb/export</guid>
      <pubDate>Mon, 19 Sep 2022 18:38:12 +0000</pubDate>
    </item>
    <item>
      <title>1adcc3ef-5743-45c3-a745-82b50ec09121</title>
      <link>https://vulnerability.circl.lu/sighting/1adcc3ef-5743-45c3-a745-82b50ec09121/export</link>
      <description>{"uuid": "1adcc3ef-5743-45c3-a745-82b50ec09121", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40808", "type": "seen", "source": "https://t.me/cibsecurity/50040", "content": "\u203c CVE-2022-40808 \u203c\n\nThe d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-19T18:38:10.000000Z"}</description>
      <content:encoded>{"uuid": "1adcc3ef-5743-45c3-a745-82b50ec09121", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40808", "type": "seen", "source": "https://t.me/cibsecurity/50040", "content": "\u203c CVE-2022-40808 \u203c\n\nThe d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-19T18:38:10.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1adcc3ef-5743-45c3-a745-82b50ec09121/export</guid>
      <pubDate>Mon, 19 Sep 2022 18:38:10 +0000</pubDate>
    </item>
  </channel>
</rss>
