<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Thu, 09 Jul 2026 14:48:23 +0000</lastBuildDate>
    <item>
      <title>b25b96d0-db31-43e0-aa23-11733c5246e9</title>
      <link>https://vulnerability.circl.lu/sighting/b25b96d0-db31-43e0-aa23-11733c5246e9/export</link>
      <description>{"uuid": "b25b96d0-db31-43e0-aa23-11733c5246e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12686", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpy2rdjfhx2q", "content": "CVE-2026-12686 - Incorrect authorisation in Adiss\u2019s Biloop\nCVE ID : CVE-2026-12686\n \n Published : July 6, 2026, 11:16 a.m. | 31\u00a0minutes ago\n \n Description : An authenticated user could manipulate a company ID parameter in a POST request to the backend to gain unauthorised acce...", "creation_timestamp": "2026-07-06T12:12:06.065584Z"}</description>
      <content:encoded>{"uuid": "b25b96d0-db31-43e0-aa23-11733c5246e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12686", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpy2rdjfhx2q", "content": "CVE-2026-12686 - Incorrect authorisation in Adiss\u2019s Biloop\nCVE ID : CVE-2026-12686\n \n Published : July 6, 2026, 11:16 a.m. | 31\u00a0minutes ago\n \n Description : An authenticated user could manipulate a company ID parameter in a POST request to the backend to gain unauthorised acce...", "creation_timestamp": "2026-07-06T12:12:06.065584Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b25b96d0-db31-43e0-aa23-11733c5246e9/export</guid>
      <pubDate>Mon, 06 Jul 2026 12:12:06 +0000</pubDate>
    </item>
    <item>
      <title>ea396b7e-fb4c-4c05-90a4-756babfebf53</title>
      <link>https://vulnerability.circl.lu/sighting/ea396b7e-fb4c-4c05-90a4-756babfebf53/export</link>
      <description>{"uuid": "ea396b7e-fb4c-4c05-90a4-756babfebf53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12686", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mpy2k7rycx2i", "content": "CVE-2026-12686\nAdobe Commerce does not properly check user access to company data, which means an authenticated user could see or change sensitive information from other companies hosted on the same website. This could lead\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-06T12:08:04.530185Z"}</description>
      <content:encoded>{"uuid": "ea396b7e-fb4c-4c05-90a4-756babfebf53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12686", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mpy2k7rycx2i", "content": "CVE-2026-12686\nAdobe Commerce does not properly check user access to company data, which means an authenticated user could see or change sensitive information from other companies hosted on the same website. This could lead\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-06T12:08:04.530185Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ea396b7e-fb4c-4c05-90a4-756babfebf53/export</guid>
      <pubDate>Mon, 06 Jul 2026 12:08:04 +0000</pubDate>
    </item>
    <item>
      <title>2d076412-4c69-48af-8fe1-df13f78fe9e5</title>
      <link>https://vulnerability.circl.lu/sighting/2d076412-4c69-48af-8fe1-df13f78fe9e5/export</link>
      <description>{"uuid": "2d076412-4c69-48af-8fe1-df13f78fe9e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-12686", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mpxv3qz2ph2g", "content": "CRITICAL vuln in Adiss Biloop v6.1.1: Authenticated users can access and modify other tenants\u2019 data via company ID parameter manipulation. Review and tighten access controls. https://radar.offseq.com/threat/cve-2026-12686-cwe-639-authorization-bypass-throug-3166bcbbfec7c2c9 #OffSeq #CVE202612686 ...", "creation_timestamp": "2026-07-06T10:30:30.845383Z"}</description>
      <content:encoded>{"uuid": "2d076412-4c69-48af-8fe1-df13f78fe9e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-12686", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mpxv3qz2ph2g", "content": "CRITICAL vuln in Adiss Biloop v6.1.1: Authenticated users can access and modify other tenants\u2019 data via company ID parameter manipulation. Review and tighten access controls. https://radar.offseq.com/threat/cve-2026-12686-cwe-639-authorization-bypass-throug-3166bcbbfec7c2c9 #OffSeq #CVE202612686 ...", "creation_timestamp": "2026-07-06T10:30:30.845383Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/2d076412-4c69-48af-8fe1-df13f78fe9e5/export</guid>
      <pubDate>Mon, 06 Jul 2026 10:30:30 +0000</pubDate>
    </item>
    <item>
      <title>ee88c45c-006d-4aff-8f58-a322a3fc1aaa</title>
      <link>https://vulnerability.circl.lu/sighting/ee88c45c-006d-4aff-8f58-a322a3fc1aaa/export</link>
      <description>{"uuid": "ee88c45c-006d-4aff-8f58-a322a3fc1aaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-12686", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116872565768512647", "content": "Adiss Biloop v6.1.1: CRITICAL CVE-2026-12686 enables authenticated users to bypass authorization via manipulated company ID, exposing cross-tenant data. Monitor logs and limit exposure while awaiting patch. https://radar.offseq.com/threat/cve-2026-12686-cwe-639-authorization-bypass-throug-3166bcbbfec7c2c9 #OffSeq #CVE202612686 #infosec #vuln", "creation_timestamp": "2026-07-06T10:30:28.977091Z"}</description>
      <content:encoded>{"uuid": "ee88c45c-006d-4aff-8f58-a322a3fc1aaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-12686", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116872565768512647", "content": "Adiss Biloop v6.1.1: CRITICAL CVE-2026-12686 enables authenticated users to bypass authorization via manipulated company ID, exposing cross-tenant data. Monitor logs and limit exposure while awaiting patch. https://radar.offseq.com/threat/cve-2026-12686-cwe-639-authorization-bypass-throug-3166bcbbfec7c2c9 #OffSeq #CVE202612686 #infosec #vuln", "creation_timestamp": "2026-07-06T10:30:28.977091Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ee88c45c-006d-4aff-8f58-a322a3fc1aaa/export</guid>
      <pubDate>Mon, 06 Jul 2026 10:30:28 +0000</pubDate>
    </item>
  </channel>
</rss>
