<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Fri, 17 Jul 2026 06:42:00 +0000</lastBuildDate>
    <item>
      <title>26a76cbc-705d-4ca7-8e1a-32cd153477a3</title>
      <link>https://vulnerability.circl.lu/sighting/26a76cbc-705d-4ca7-8e1a-32cd153477a3/export</link>
      <description>{"uuid": "26a76cbc-705d-4ca7-8e1a-32cd153477a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://threatintel.cc/2026/07/16/hackers-actively-exploiting-sonicwall-sma.html", "content": "Hackers Actively Exploiting SonicWall SMA1000 0-Day Vulnerability in the Wild\n\nThreat actors are actively exploiting SonicWall SMA1000 appliances through a critical SSRF vulnerability (CVE-2026-15409) and a local privilege escalation flaw (CVE-2026-15410) to gain root access and compromise corporate networks. Organizations must urgently patch their systems to the latest firmware versions to mitigate this zero-day threat.", "creation_timestamp": "2026-07-17T01:00:40.462976Z"}</description>
      <content:encoded>{"uuid": "26a76cbc-705d-4ca7-8e1a-32cd153477a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://threatintel.cc/2026/07/16/hackers-actively-exploiting-sonicwall-sma.html", "content": "Hackers Actively Exploiting SonicWall SMA1000 0-Day Vulnerability in the Wild\n\nThreat actors are actively exploiting SonicWall SMA1000 appliances through a critical SSRF vulnerability (CVE-2026-15409) and a local privilege escalation flaw (CVE-2026-15410) to gain root access and compromise corporate networks. Organizations must urgently patch their systems to the latest firmware versions to mitigate this zero-day threat.", "creation_timestamp": "2026-07-17T01:00:40.462976Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/26a76cbc-705d-4ca7-8e1a-32cd153477a3/export</guid>
      <pubDate>Fri, 17 Jul 2026 01:00:40 +0000</pubDate>
    </item>
    <item>
      <title>dd49bacd-77cb-460b-9c52-e8c64fef377d</title>
      <link>https://vulnerability.circl.lu/sighting/dd49bacd-77cb-460b-9c52-e8c64fef377d/export</link>
      <description>{"uuid": "dd49bacd-77cb-460b-9c52-e8c64fef377d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "MISP/84bf4892-91f2-4e0b-a9cb-9131b3dcc07c", "content": "", "creation_timestamp": "2026-07-17T00:15:02.092242Z"}</description>
      <content:encoded>{"uuid": "dd49bacd-77cb-460b-9c52-e8c64fef377d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "MISP/84bf4892-91f2-4e0b-a9cb-9131b3dcc07c", "content": "", "creation_timestamp": "2026-07-17T00:15:02.092242Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/dd49bacd-77cb-460b-9c52-e8c64fef377d/export</guid>
      <pubDate>Fri, 17 Jul 2026 00:15:02 +0000</pubDate>
    </item>
    <item>
      <title>c07f04da-0a54-4f02-a5b8-3d6651f9f064</title>
      <link>https://vulnerability.circl.lu/sighting/c07f04da-0a54-4f02-a5b8-3d6651f9f064/export</link>
      <description>{"uuid": "c07f04da-0a54-4f02-a5b8-3d6651f9f064", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93482", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-15410\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a HORKimhab\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-15 06:10:17\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-15410 - More: https://github.com/HORKimhab/poc-cve-collection\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-17T00:00:53.618366Z"}</description>
      <content:encoded>{"uuid": "c07f04da-0a54-4f02-a5b8-3d6651f9f064", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93482", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-15410\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a HORKimhab\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-15 06:10:17\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-15410 - More: https://github.com/HORKimhab/poc-cve-collection\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-17T00:00:53.618366Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c07f04da-0a54-4f02-a5b8-3d6651f9f064/export</guid>
      <pubDate>Fri, 17 Jul 2026 00:00:53 +0000</pubDate>
    </item>
    <item>
      <title>a0ebc421-531b-48c8-8490-8c9f81c7378a</title>
      <link>https://vulnerability.circl.lu/sighting/a0ebc421-531b-48c8-8490-8c9f81c7378a/export</link>
      <description>{"uuid": "a0ebc421-531b-48c8-8490-8c9f81c7378a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "published-proof-of-concept", "source": "Telegram/gEg0EOaWFFZnEfHhBHmpZpiTrHvldsjFXSF402VZoO1TzNg", "content": "", "creation_timestamp": "2026-07-17T00:00:11.339945Z"}</description>
      <content:encoded>{"uuid": "a0ebc421-531b-48c8-8490-8c9f81c7378a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "published-proof-of-concept", "source": "Telegram/gEg0EOaWFFZnEfHhBHmpZpiTrHvldsjFXSF402VZoO1TzNg", "content": "", "creation_timestamp": "2026-07-17T00:00:11.339945Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a0ebc421-531b-48c8-8490-8c9f81c7378a/export</guid>
      <pubDate>Fri, 17 Jul 2026 00:00:11 +0000</pubDate>
    </item>
    <item>
      <title>6733280c-48b5-4cdc-ae56-184254a7ea20</title>
      <link>https://vulnerability.circl.lu/sighting/6733280c-48b5-4cdc-ae56-184254a7ea20/export</link>
      <description>{"uuid": "6733280c-48b5-4cdc-ae56-184254a7ea20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "published-proof-of-concept", "source": "Telegram/K7c5CNbbPswTRSTuPJgh_t71PDUsbT0WBZTkPH1O8-oYBF8", "content": "", "creation_timestamp": "2026-07-17T00:00:10.619626Z"}</description>
      <content:encoded>{"uuid": "6733280c-48b5-4cdc-ae56-184254a7ea20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "published-proof-of-concept", "source": "Telegram/K7c5CNbbPswTRSTuPJgh_t71PDUsbT0WBZTkPH1O8-oYBF8", "content": "", "creation_timestamp": "2026-07-17T00:00:10.619626Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/6733280c-48b5-4cdc-ae56-184254a7ea20/export</guid>
      <pubDate>Fri, 17 Jul 2026 00:00:10 +0000</pubDate>
    </item>
    <item>
      <title>cb400129-94f0-41ac-9f65-68a646ac55a3</title>
      <link>https://vulnerability.circl.lu/sighting/cb400129-94f0-41ac-9f65-68a646ac55a3/export</link>
      <description>{"uuid": "cb400129-94f0-41ac-9f65-68a646ac55a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://bsky.app/profile/kotosecurity.bsky.social/post/3mqs54435sm2k", "content": "\ud83d\udea8 SonicWall SMA 1000: 2 zero-days actively exploited \u2014 CVE-2026-15409 (CVSS 10.0 SSRF) &amp;amp; CVE-2026-15410 (CVSS 7.2 code injection \u2192 admin cmd exec). Patch to 12.4.3-03453+/12.5.0-02835+.\n\n\ud83d\udd17 https://thehackernews.com/2026/07/two-sonicwall-sma-1000-zero-days.html", "creation_timestamp": "2026-07-16T21:03:05.613146Z"}</description>
      <content:encoded>{"uuid": "cb400129-94f0-41ac-9f65-68a646ac55a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://bsky.app/profile/kotosecurity.bsky.social/post/3mqs54435sm2k", "content": "\ud83d\udea8 SonicWall SMA 1000: 2 zero-days actively exploited \u2014 CVE-2026-15409 (CVSS 10.0 SSRF) &amp;amp; CVE-2026-15410 (CVSS 7.2 code injection \u2192 admin cmd exec). Patch to 12.4.3-03453+/12.5.0-02835+.\n\n\ud83d\udd17 https://thehackernews.com/2026/07/two-sonicwall-sma-1000-zero-days.html", "creation_timestamp": "2026-07-16T21:03:05.613146Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/cb400129-94f0-41ac-9f65-68a646ac55a3/export</guid>
      <pubDate>Thu, 16 Jul 2026 21:03:05 +0000</pubDate>
    </item>
    <item>
      <title>4d65ba48-9936-46c9-9ade-5b3a6eb64723</title>
      <link>https://vulnerability.circl.lu/sighting/4d65ba48-9936-46c9-9ade-5b3a6eb64723/export</link>
      <description>{"uuid": "4d65ba48-9936-46c9-9ade-5b3a6eb64723", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://threatintel.cc/2026/07/16/hackers-actively-exploiting-sonicwall-sma.html", "content": "Hackers Actively Exploiting SonicWall SMA1000 0-Day Vulnerability in the Wild\n\nThreat actors are actively exploiting SonicWall SMA1000 appliances through a critical SSRF vulnerability (CVE-2026-15409) and a local privilege escalation flaw (CVE-2026-15410) to gain root access and compromise corporate networks. Organizations must urgently patch their systems to the latest firmware versions to mitigate this zero-day threat.", "creation_timestamp": "2026-07-16T19:00:40.498712Z"}</description>
      <content:encoded>{"uuid": "4d65ba48-9936-46c9-9ade-5b3a6eb64723", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://threatintel.cc/2026/07/16/hackers-actively-exploiting-sonicwall-sma.html", "content": "Hackers Actively Exploiting SonicWall SMA1000 0-Day Vulnerability in the Wild\n\nThreat actors are actively exploiting SonicWall SMA1000 appliances through a critical SSRF vulnerability (CVE-2026-15409) and a local privilege escalation flaw (CVE-2026-15410) to gain root access and compromise corporate networks. Organizations must urgently patch their systems to the latest firmware versions to mitigate this zero-day threat.", "creation_timestamp": "2026-07-16T19:00:40.498712Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/4d65ba48-9936-46c9-9ade-5b3a6eb64723/export</guid>
      <pubDate>Thu, 16 Jul 2026 19:00:40 +0000</pubDate>
    </item>
    <item>
      <title>a478050d-0161-46aa-bfb0-8e03b27b258b</title>
      <link>https://vulnerability.circl.lu/sighting/a478050d-0161-46aa-bfb0-8e03b27b258b/export</link>
      <description>{"uuid": "a478050d-0161-46aa-bfb0-8e03b27b258b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "Telegram/K7c5CNbbPswTRSTuPJgh_t71PDUsbT0WBZTkPH1O8-oYBF8", "content": "", "creation_timestamp": "2026-07-16T19:00:07.057098Z"}</description>
      <content:encoded>{"uuid": "a478050d-0161-46aa-bfb0-8e03b27b258b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "Telegram/K7c5CNbbPswTRSTuPJgh_t71PDUsbT0WBZTkPH1O8-oYBF8", "content": "", "creation_timestamp": "2026-07-16T19:00:07.057098Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a478050d-0161-46aa-bfb0-8e03b27b258b/export</guid>
      <pubDate>Thu, 16 Jul 2026 19:00:07 +0000</pubDate>
    </item>
    <item>
      <title>13d408e4-f53b-4130-8b5e-914c93a67d09</title>
      <link>https://vulnerability.circl.lu/sighting/13d408e4-f53b-4130-8b5e-914c93a67d09/export</link>
      <description>{"uuid": "13d408e4-f53b-4130-8b5e-914c93a67d09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "Telegram/gEg0EOaWFFZnEfHhBHmpZpiTrHvldsjFXSF402VZoO1TzNg", "content": "", "creation_timestamp": "2026-07-16T19:00:06.535326Z"}</description>
      <content:encoded>{"uuid": "13d408e4-f53b-4130-8b5e-914c93a67d09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "Telegram/gEg0EOaWFFZnEfHhBHmpZpiTrHvldsjFXSF402VZoO1TzNg", "content": "", "creation_timestamp": "2026-07-16T19:00:06.535326Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/13d408e4-f53b-4130-8b5e-914c93a67d09/export</guid>
      <pubDate>Thu, 16 Jul 2026 19:00:06 +0000</pubDate>
    </item>
    <item>
      <title>c6c75f7a-6db1-4a50-8b92-be7dceae595d</title>
      <link>https://vulnerability.circl.lu/sighting/c6c75f7a-6db1-4a50-8b92-be7dceae595d/export</link>
      <description>{"uuid": "c6c75f7a-6db1-4a50-8b92-be7dceae595d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mqrnqiprdk2h", "content": "SonicWall urges immediate patching for two actively exploited zero-days (CVE-2026-15409, CVE-2026-15410) in SMA 1000 series appliances. Flaws are chained for unauthenticated RCE. Both added to CISA KEV. #ZeroDay #SonicWall #InfoSec\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-07-16T16:28:10.266974Z"}</description>
      <content:encoded>{"uuid": "c6c75f7a-6db1-4a50-8b92-be7dceae595d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mqrnqiprdk2h", "content": "SonicWall urges immediate patching for two actively exploited zero-days (CVE-2026-15409, CVE-2026-15410) in SMA 1000 series appliances. Flaws are chained for unauthenticated RCE. Both added to CISA KEV. #ZeroDay #SonicWall #InfoSec\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-07-16T16:28:10.266974Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c6c75f7a-6db1-4a50-8b92-be7dceae595d/export</guid>
      <pubDate>Thu, 16 Jul 2026 16:28:10 +0000</pubDate>
    </item>
  </channel>
</rss>
