<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sun, 19 Jul 2026 21:46:04 +0000</lastBuildDate>
    <item>
      <title>0948f07e-a8fa-4d38-a7b0-a56e2b618280</title>
      <link>https://vulnerability.circl.lu/sighting/0948f07e-a8fa-4d38-a7b0-a56e2b618280/export</link>
      <description>{"uuid": "0948f07e-a8fa-4d38-a7b0-a56e2b618280", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71332", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqm2ulapbn2l", "content": "\ud83d\udccc CVE-2025-71332 - Flowise through 2.2.7 contains a SQL injection vulnerability in the importChatflows API. Due to insufficient validation of the chatflow.id value, an a... https://www.cyberhub.blog/cves/CVE-2025-71332", "creation_timestamp": "2026-07-14T11:07:06.856603Z"}</description>
      <content:encoded>{"uuid": "0948f07e-a8fa-4d38-a7b0-a56e2b618280", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71332", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqm2ulapbn2l", "content": "\ud83d\udccc CVE-2025-71332 - Flowise through 2.2.7 contains a SQL injection vulnerability in the importChatflows API. Due to insufficient validation of the chatflow.id value, an a... https://www.cyberhub.blog/cves/CVE-2025-71332", "creation_timestamp": "2026-07-14T11:07:06.856603Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0948f07e-a8fa-4d38-a7b0-a56e2b618280/export</guid>
      <pubDate>Tue, 14 Jul 2026 11:07:06 +0000</pubDate>
    </item>
    <item>
      <title>7755fd77-9704-4a92-ad05-227e5a44a15e</title>
      <link>https://vulnerability.circl.lu/sighting/7755fd77-9704-4a92-ad05-227e5a44a15e/export</link>
      <description>{"uuid": "7755fd77-9704-4a92-ad05-227e5a44a15e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71335", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqiwbwp6dj2m", "content": "\ud83d\udccc CVE-2025-71335 - Flowise before 3.0.10 (affected versions 3.0.7 and earlier) fails to invalidate existing sessions and session tokens after a user changes their passwo... https://www.cyberhub.blog/cves/CVE-2025-71335", "creation_timestamp": "2026-07-13T05:07:07.852935Z"}</description>
      <content:encoded>{"uuid": "7755fd77-9704-4a92-ad05-227e5a44a15e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71335", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqiwbwp6dj2m", "content": "\ud83d\udccc CVE-2025-71335 - Flowise before 3.0.10 (affected versions 3.0.7 and earlier) fails to invalidate existing sessions and session tokens after a user changes their passwo... https://www.cyberhub.blog/cves/CVE-2025-71335", "creation_timestamp": "2026-07-13T05:07:07.852935Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/7755fd77-9704-4a92-ad05-227e5a44a15e/export</guid>
      <pubDate>Mon, 13 Jul 2026 05:07:07 +0000</pubDate>
    </item>
    <item>
      <title>39bea0f5-bac9-40f6-a927-759fa29e1aec</title>
      <link>https://vulnerability.circl.lu/sighting/39bea0f5-bac9-40f6-a927-759fa29e1aec/export</link>
      <description>{"uuid": "39bea0f5-bac9-40f6-a927-759fa29e1aec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71337", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqc4e6fhnr2m", "content": "\ud83d\udccc CVE-2025-71337 - Flowise before 3.0.10 (affected versions 3.0.7 and earlier) contains an unverified email change vulnerability. An authenticated user can change the ac... https://www.cyberhub.blog/cves/CVE-2025-71337", "creation_timestamp": "2026-07-10T12:07:10.269184Z"}</description>
      <content:encoded>{"uuid": "39bea0f5-bac9-40f6-a927-759fa29e1aec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71337", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqc4e6fhnr2m", "content": "\ud83d\udccc CVE-2025-71337 - Flowise before 3.0.10 (affected versions 3.0.7 and earlier) contains an unverified email change vulnerability. An authenticated user can change the ac... https://www.cyberhub.blog/cves/CVE-2025-71337", "creation_timestamp": "2026-07-10T12:07:10.269184Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/39bea0f5-bac9-40f6-a927-759fa29e1aec/export</guid>
      <pubDate>Fri, 10 Jul 2026 12:07:10 +0000</pubDate>
    </item>
    <item>
      <title>10cf3fda-146f-493d-8caf-d2a17b9d09c5</title>
      <link>https://vulnerability.circl.lu/sighting/10cf3fda-146f-493d-8caf-d2a17b9d09c5/export</link>
      <description>{"uuid": "10cf3fda-146f-493d-8caf-d2a17b9d09c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71336", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpnej4hsra22", "content": "\ud83d\udccc CVE-2025-71336 - Flowise before 3.0.6 (affected versions 2.2.7-patch.1 and earlier) contains an unsandboxed remote code execution vulnerability in the Custom MCP featu... https://www.cyberhub.blog/cves/CVE-2025-71336", "creation_timestamp": "2026-07-02T06:07:08.217716Z"}</description>
      <content:encoded>{"uuid": "10cf3fda-146f-493d-8caf-d2a17b9d09c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71336", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpnej4hsra22", "content": "\ud83d\udccc CVE-2025-71336 - Flowise before 3.0.6 (affected versions 2.2.7-patch.1 and earlier) contains an unsandboxed remote code execution vulnerability in the Custom MCP featu... https://www.cyberhub.blog/cves/CVE-2025-71336", "creation_timestamp": "2026-07-02T06:07:08.217716Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/10cf3fda-146f-493d-8caf-d2a17b9d09c5/export</guid>
      <pubDate>Thu, 02 Jul 2026 06:07:08 +0000</pubDate>
    </item>
    <item>
      <title>36156560-6b0c-4384-aed8-6b52489dc0d3</title>
      <link>https://vulnerability.circl.lu/sighting/36156560-6b0c-4384-aed8-6b52489dc0d3/export</link>
      <description>{"uuid": "36156560-6b0c-4384-aed8-6b52489dc0d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71334", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpnctgoik62a", "content": "\ud83d\udccc CVE-2025-71334 - Flowise before 3.0.6 (affected versions 2.2.8 and earlier) contains an arbitrary file access vulnerability due to missing validation that the chatflow... https://www.cyberhub.blog/cves/CVE-2025-71334", "creation_timestamp": "2026-07-02T05:37:06.605768Z"}</description>
      <content:encoded>{"uuid": "36156560-6b0c-4384-aed8-6b52489dc0d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71334", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpnctgoik62a", "content": "\ud83d\udccc CVE-2025-71334 - Flowise before 3.0.6 (affected versions 2.2.8 and earlier) contains an arbitrary file access vulnerability due to missing validation that the chatflow... https://www.cyberhub.blog/cves/CVE-2025-71334", "creation_timestamp": "2026-07-02T05:37:06.605768Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/36156560-6b0c-4384-aed8-6b52489dc0d3/export</guid>
      <pubDate>Thu, 02 Jul 2026 05:37:06 +0000</pubDate>
    </item>
    <item>
      <title>c0a7c3f7-4f69-49d5-bf7e-d5b52ca54e99</title>
      <link>https://vulnerability.circl.lu/sighting/c0a7c3f7-4f69-49d5-bf7e-d5b52ca54e99/export</link>
      <description>{"uuid": "c0a7c3f7-4f69-49d5-bf7e-d5b52ca54e99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71333", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpnb5sdxo22f", "content": "\ud83d\udccc CVE-2025-71333 - Flowise through 2.2.4 contains an unauthenticated arbitrary file upload vulnerability in the /api/v1/attachments endpoint when storageType is set to l... https://www.cyberhub.blog/cves/CVE-2025-71333", "creation_timestamp": "2026-07-02T05:07:06.832853Z"}</description>
      <content:encoded>{"uuid": "c0a7c3f7-4f69-49d5-bf7e-d5b52ca54e99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71333", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpnb5sdxo22f", "content": "\ud83d\udccc CVE-2025-71333 - Flowise through 2.2.4 contains an unauthenticated arbitrary file upload vulnerability in the /api/v1/attachments endpoint when storageType is set to l... https://www.cyberhub.blog/cves/CVE-2025-71333", "creation_timestamp": "2026-07-02T05:07:06.832853Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c0a7c3f7-4f69-49d5-bf7e-d5b52ca54e99/export</guid>
      <pubDate>Thu, 02 Jul 2026 05:07:06 +0000</pubDate>
    </item>
    <item>
      <title>778d3254-4e3d-4281-a49d-f6987d515c2f</title>
      <link>https://vulnerability.circl.lu/sighting/778d3254-4e3d-4281-a49d-f6987d515c2f/export</link>
      <description>{"uuid": "778d3254-4e3d-4281-a49d-f6987d515c2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71338", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpn44u4jri2o", "content": "\ud83d\udccc CVE-2025-71338 - Flowise contains a path traversal vulnerability in the /api/v1/document-store/loader/process endpoint that allows unauthenticated attackers to write a... https://www.cyberhub.blog/cves/CVE-2025-71338", "creation_timestamp": "2026-07-02T03:37:45.227566Z"}</description>
      <content:encoded>{"uuid": "778d3254-4e3d-4281-a49d-f6987d515c2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71338", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpn44u4jri2o", "content": "\ud83d\udccc CVE-2025-71338 - Flowise contains a path traversal vulnerability in the /api/v1/document-store/loader/process endpoint that allows unauthenticated attackers to write a... https://www.cyberhub.blog/cves/CVE-2025-71338", "creation_timestamp": "2026-07-02T03:37:45.227566Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/778d3254-4e3d-4281-a49d-f6987d515c2f/export</guid>
      <pubDate>Thu, 02 Jul 2026 03:37:45 +0000</pubDate>
    </item>
    <item>
      <title>6ed33f53-6215-49b8-af29-3da724e37e3e</title>
      <link>https://vulnerability.circl.lu/sighting/6ed33f53-6215-49b8-af29-3da724e37e3e/export</link>
      <description>{"uuid": "6ed33f53-6215-49b8-af29-3da724e37e3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71334", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmopslqvg2o", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2025-71334 \u0432 Flowise: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/3261E185-26D3-4B30-9CDB-F906B349320C", "creation_timestamp": "2026-07-01T23:37:09.866155Z"}</description>
      <content:encoded>{"uuid": "6ed33f53-6215-49b8-af29-3da724e37e3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71334", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmopslqvg2o", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2025-71334 \u0432 Flowise: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/3261E185-26D3-4B30-9CDB-F906B349320C", "creation_timestamp": "2026-07-01T23:37:09.866155Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/6ed33f53-6215-49b8-af29-3da724e37e3e/export</guid>
      <pubDate>Wed, 01 Jul 2026 23:37:09 +0000</pubDate>
    </item>
    <item>
      <title>674a557a-f061-47b2-b3a1-811ab2a11438</title>
      <link>https://vulnerability.circl.lu/sighting/674a557a-f061-47b2-b3a1-811ab2a11438/export</link>
      <description>{"uuid": "674a557a-f061-47b2-b3a1-811ab2a11438", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71333", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmolxzozw2o", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2025-71333 \u0432 Flowise: \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u0443\u0433\u0440\u043e\u0437\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438\n\n\n\nhttps://kripta.biz/posts/70BF9BB3-14CE-4E9C-8318-79B688FD2A61", "creation_timestamp": "2026-07-01T23:35:01.457652Z"}</description>
      <content:encoded>{"uuid": "674a557a-f061-47b2-b3a1-811ab2a11438", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71333", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmolxzozw2o", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2025-71333 \u0432 Flowise: \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u0443\u0433\u0440\u043e\u0437\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438\n\n\n\nhttps://kripta.biz/posts/70BF9BB3-14CE-4E9C-8318-79B688FD2A61", "creation_timestamp": "2026-07-01T23:35:01.457652Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/674a557a-f061-47b2-b3a1-811ab2a11438/export</guid>
      <pubDate>Wed, 01 Jul 2026 23:35:01 +0000</pubDate>
    </item>
    <item>
      <title>db1aec51-aaee-456d-a7fc-00d2d8823342</title>
      <link>https://vulnerability.circl.lu/sighting/db1aec51-aaee-456d-a7fc-00d2d8823342/export</link>
      <description>{"uuid": "db1aec51-aaee-456d-a7fc-00d2d8823342", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71338", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmoiwv4gv22", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2025-71338 \u0432 Flowise: \u043f\u0443\u0442\u044c \u043a \u0442\u0440\u0430\u0432\u0435\u0440\u0441\u0430\u043b\u0443 \u0438 \u0437\u0430\u0449\u0438\u0442\u0430 \u0434\u0430\u043d\u043d\u044b\u0445\n\n\n\nhttps://kripta.biz/posts/EE8DF722-2E58-40EE-872D-C4B19D08ECF2", "creation_timestamp": "2026-07-01T23:33:19.803893Z"}</description>
      <content:encoded>{"uuid": "db1aec51-aaee-456d-a7fc-00d2d8823342", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71338", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmoiwv4gv22", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2025-71338 \u0432 Flowise: \u043f\u0443\u0442\u044c \u043a \u0442\u0440\u0430\u0432\u0435\u0440\u0441\u0430\u043b\u0443 \u0438 \u0437\u0430\u0449\u0438\u0442\u0430 \u0434\u0430\u043d\u043d\u044b\u0445\n\n\n\nhttps://kripta.biz/posts/EE8DF722-2E58-40EE-872D-C4B19D08ECF2", "creation_timestamp": "2026-07-01T23:33:19.803893Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/db1aec51-aaee-456d-a7fc-00d2d8823342/export</guid>
      <pubDate>Wed, 01 Jul 2026 23:33:19 +0000</pubDate>
    </item>
  </channel>
</rss>
