<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Fri, 17 Jul 2026 23:42:45 +0000</lastBuildDate>
    <item>
      <title>07e98df3-6d8c-4b8e-97f8-6eec7086c666</title>
      <link>https://vulnerability.circl.lu/sighting/07e98df3-6d8c-4b8e-97f8-6eec7086c666/export</link>
      <description>{"uuid": "07e98df3-6d8c-4b8e-97f8-6eec7086c666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "Telegram/FdcDblJgpr4Bk1hzBo52CEMZWjwW5t7MZ6W5ZLgqcoUP2nQ", "content": "", "creation_timestamp": "2026-07-17T00:00:48.743285Z"}</description>
      <content:encoded>{"uuid": "07e98df3-6d8c-4b8e-97f8-6eec7086c666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "Telegram/FdcDblJgpr4Bk1hzBo52CEMZWjwW5t7MZ6W5ZLgqcoUP2nQ", "content": "", "creation_timestamp": "2026-07-17T00:00:48.743285Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/07e98df3-6d8c-4b8e-97f8-6eec7086c666/export</guid>
      <pubDate>Fri, 17 Jul 2026 00:00:48 +0000</pubDate>
    </item>
    <item>
      <title>d5b6785c-1b27-4a74-badb-98434b6a0c96</title>
      <link>https://vulnerability.circl.lu/sighting/d5b6785c-1b27-4a74-badb-98434b6a0c96/export</link>
      <description>{"uuid": "d5b6785c-1b27-4a74-badb-98434b6a0c96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "published-proof-of-concept", "source": "Telegram/eLMxAxOv6CPS5Cv23ai3j3OmcVBUkQSKzJA_dC_EZ3dC-w", "content": "", "creation_timestamp": "2026-07-17T00:00:10.754099Z"}</description>
      <content:encoded>{"uuid": "d5b6785c-1b27-4a74-badb-98434b6a0c96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "published-proof-of-concept", "source": "Telegram/eLMxAxOv6CPS5Cv23ai3j3OmcVBUkQSKzJA_dC_EZ3dC-w", "content": "", "creation_timestamp": "2026-07-17T00:00:10.754099Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d5b6785c-1b27-4a74-badb-98434b6a0c96/export</guid>
      <pubDate>Fri, 17 Jul 2026 00:00:10 +0000</pubDate>
    </item>
    <item>
      <title>ac5cce1f-4186-4517-9421-359cb2633020</title>
      <link>https://vulnerability.circl.lu/sighting/ac5cce1f-4186-4517-9421-359cb2633020/export</link>
      <description>{"uuid": "ac5cce1f-4186-4517-9421-359cb2633020", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "Telegram/eLMxAxOv6CPS5Cv23ai3j3OmcVBUkQSKzJA_dC_EZ3dC-w", "content": "", "creation_timestamp": "2026-07-16T21:00:03.590199Z"}</description>
      <content:encoded>{"uuid": "ac5cce1f-4186-4517-9421-359cb2633020", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "Telegram/eLMxAxOv6CPS5Cv23ai3j3OmcVBUkQSKzJA_dC_EZ3dC-w", "content": "", "creation_timestamp": "2026-07-16T21:00:03.590199Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ac5cce1f-4186-4517-9421-359cb2633020/export</guid>
      <pubDate>Thu, 16 Jul 2026 21:00:03 +0000</pubDate>
    </item>
    <item>
      <title>b7e03c41-c6fb-4971-b904-9c2e6a0758e4</title>
      <link>https://vulnerability.circl.lu/sighting/b7e03c41-c6fb-4971-b904-9c2e6a0758e4/export</link>
      <description>{"uuid": "b7e03c41-c6fb-4971-b904-9c2e6a0758e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "Telegram/FdcDblJgpr4Bk1hzBo52CEMZWjwW5t7MZ6W5ZLgqcoUP2nQ", "content": "", "creation_timestamp": "2026-07-16T19:00:31.831229Z"}</description>
      <content:encoded>{"uuid": "b7e03c41-c6fb-4971-b904-9c2e6a0758e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "Telegram/FdcDblJgpr4Bk1hzBo52CEMZWjwW5t7MZ6W5ZLgqcoUP2nQ", "content": "", "creation_timestamp": "2026-07-16T19:00:31.831229Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b7e03c41-c6fb-4971-b904-9c2e6a0758e4/export</guid>
      <pubDate>Thu, 16 Jul 2026 19:00:31 +0000</pubDate>
    </item>
    <item>
      <title>1c5740e4-d791-4c3d-8e27-743501d21682</title>
      <link>https://vulnerability.circl.lu/sighting/1c5740e4-d791-4c3d-8e27-743501d21682/export</link>
      <description>{"uuid": "1c5740e4-d791-4c3d-8e27-743501d21682", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "exploited", "source": "https://t.me/thehackernews/9343", "content": "CISA just added a Cisco Unified CM flaw to its exploited bugs list.\n\nDefused Cyber says CVE-2026-20230 is being exploited from a single source using an unvetted PoC.\n\nThe bug can allow unauthenticated SSRF and file writes when WebDialer is enabled.\n\nThe technical trail is here: https://thehackernews.com/2026/06/cisco-unified-cm-flaw-exploited-after.html", "creation_timestamp": "2026-07-16T00:00:10.767329Z"}</description>
      <content:encoded>{"uuid": "1c5740e4-d791-4c3d-8e27-743501d21682", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "exploited", "source": "https://t.me/thehackernews/9343", "content": "CISA just added a Cisco Unified CM flaw to its exploited bugs list.\n\nDefused Cyber says CVE-2026-20230 is being exploited from a single source using an unvetted PoC.\n\nThe bug can allow unauthenticated SSRF and file writes when WebDialer is enabled.\n\nThe technical trail is here: https://thehackernews.com/2026/06/cisco-unified-cm-flaw-exploited-after.html", "creation_timestamp": "2026-07-16T00:00:10.767329Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1c5740e4-d791-4c3d-8e27-743501d21682/export</guid>
      <pubDate>Thu, 16 Jul 2026 00:00:10 +0000</pubDate>
    </item>
    <item>
      <title>17cc93dc-57e0-4743-a6d9-32615bf528d4</title>
      <link>https://vulnerability.circl.lu/sighting/17cc93dc-57e0-4743-a6d9-32615bf528d4/export</link>
      <description>{"uuid": "17cc93dc-57e0-4743-a6d9-32615bf528d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "exploited", "source": "https://t.me/thehackernews/9314", "content": "\ud83d\uded1 Cisco Unified CM admins should check WebDialer now.\n\nCVE-2026-20230 is being exploited, and vulnerable WebDialer-enabled systems can be abused by unauthenticated attackers to write files.\n\nCisco patched it in 14SU6 and 15SU5.\n\nRead: https://thehackernews.com/2026/06/cisco-unified-cm-flaw-exploited-after.html", "creation_timestamp": "2026-07-16T00:00:10.568915Z"}</description>
      <content:encoded>{"uuid": "17cc93dc-57e0-4743-a6d9-32615bf528d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "exploited", "source": "https://t.me/thehackernews/9314", "content": "\ud83d\uded1 Cisco Unified CM admins should check WebDialer now.\n\nCVE-2026-20230 is being exploited, and vulnerable WebDialer-enabled systems can be abused by unauthenticated attackers to write files.\n\nCisco patched it in 14SU6 and 15SU5.\n\nRead: https://thehackernews.com/2026/06/cisco-unified-cm-flaw-exploited-after.html", "creation_timestamp": "2026-07-16T00:00:10.568915Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/17cc93dc-57e0-4743-a6d9-32615bf528d4/export</guid>
      <pubDate>Thu, 16 Jul 2026 00:00:10 +0000</pubDate>
    </item>
    <item>
      <title>960b7d94-9266-44ba-a368-7d79f1b6ce6d</title>
      <link>https://vulnerability.circl.lu/sighting/960b7d94-9266-44ba-a368-7d79f1b6ce6d/export</link>
      <description>{"uuid": "960b7d94-9266-44ba-a368-7d79f1b6ce6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "published-proof-of-concept", "source": "https://t.me/thehackernews/9156", "content": "\ud83d\udea8 No auth required ... a crafted web request to Cisco Unified CM can write files to the OS and open a path to root.\n\nCVE-2026-20230 patch is out, PoC exploit is public, and no attacks yet. Only bites if WebDialer is ON.\n\nFix: 14SU6 / COP / 15SU5, or kill WebDialer. \n\nRead: https://thehackernews.com/2026/06/cisco-patches-cve-2026-20230-in-unified.html", "creation_timestamp": "2026-07-16T00:00:09.138135Z"}</description>
      <content:encoded>{"uuid": "960b7d94-9266-44ba-a368-7d79f1b6ce6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "published-proof-of-concept", "source": "https://t.me/thehackernews/9156", "content": "\ud83d\udea8 No auth required ... a crafted web request to Cisco Unified CM can write files to the OS and open a path to root.\n\nCVE-2026-20230 patch is out, PoC exploit is public, and no attacks yet. Only bites if WebDialer is ON.\n\nFix: 14SU6 / COP / 15SU5, or kill WebDialer. \n\nRead: https://thehackernews.com/2026/06/cisco-patches-cve-2026-20230-in-unified.html", "creation_timestamp": "2026-07-16T00:00:09.138135Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/960b7d94-9266-44ba-a368-7d79f1b6ce6d/export</guid>
      <pubDate>Thu, 16 Jul 2026 00:00:09 +0000</pubDate>
    </item>
    <item>
      <title>9e3fa9fe-9e4f-4c63-8891-89ddeec9d548</title>
      <link>https://vulnerability.circl.lu/sighting/9e3fa9fe-9e4f-4c63-8891-89ddeec9d548/export</link>
      <description>{"uuid": "9e3fa9fe-9e4f-4c63-8891-89ddeec9d548", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "exploited", "source": "https://t.me/information_security_channel/55466", "content": "Hackers Exploiting Cisco Unified CM Vulnerability\nhttps://www.securityweek.com/hackers-exploiting-cisco-unified-cm-vulnerability/\n\nCisco noted that a PoC had been available for CVE-2026-20230 when it announced patches in early June.\nThe post Hackers Exploiting Cisco Unified CM Vulnerability (https://www.securityweek.com/hackers-exploiting-cisco-unified-cm-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2026-07-16T00:00:08.130628Z"}</description>
      <content:encoded>{"uuid": "9e3fa9fe-9e4f-4c63-8891-89ddeec9d548", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "exploited", "source": "https://t.me/information_security_channel/55466", "content": "Hackers Exploiting Cisco Unified CM Vulnerability\nhttps://www.securityweek.com/hackers-exploiting-cisco-unified-cm-vulnerability/\n\nCisco noted that a PoC had been available for CVE-2026-20230 when it announced patches in early June.\nThe post Hackers Exploiting Cisco Unified CM Vulnerability (https://www.securityweek.com/hackers-exploiting-cisco-unified-cm-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2026-07-16T00:00:08.130628Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/9e3fa9fe-9e4f-4c63-8891-89ddeec9d548/export</guid>
      <pubDate>Thu, 16 Jul 2026 00:00:08 +0000</pubDate>
    </item>
    <item>
      <title>1ce49cd3-b3a7-40ec-9c62-b5733eca7fe9</title>
      <link>https://vulnerability.circl.lu/sighting/1ce49cd3-b3a7-40ec-9c62-b5733eca7fe9/export</link>
      <description>{"uuid": "1ce49cd3-b3a7-40ec-9c62-b5733eca7fe9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://t.me/information_security_channel/55466", "content": "Hackers Exploiting Cisco Unified CM Vulnerability\nhttps://www.securityweek.com/hackers-exploiting-cisco-unified-cm-vulnerability/\n\nCisco noted that a PoC had been available for CVE-2026-20230 when it announced patches in early June.\nThe post Hackers Exploiting Cisco Unified CM Vulnerability (https://www.securityweek.com/hackers-exploiting-cisco-unified-cm-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2026-07-15T12:00:06.565997Z"}</description>
      <content:encoded>{"uuid": "1ce49cd3-b3a7-40ec-9c62-b5733eca7fe9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://t.me/information_security_channel/55466", "content": "Hackers Exploiting Cisco Unified CM Vulnerability\nhttps://www.securityweek.com/hackers-exploiting-cisco-unified-cm-vulnerability/\n\nCisco noted that a PoC had been available for CVE-2026-20230 when it announced patches in early June.\nThe post Hackers Exploiting Cisco Unified CM Vulnerability (https://www.securityweek.com/hackers-exploiting-cisco-unified-cm-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2026-07-15T12:00:06.565997Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1ce49cd3-b3a7-40ec-9c62-b5733eca7fe9/export</guid>
      <pubDate>Wed, 15 Jul 2026 12:00:06 +0000</pubDate>
    </item>
    <item>
      <title>74c0fb18-eed5-462a-9fbd-10470c3b5d57</title>
      <link>https://vulnerability.circl.lu/sighting/74c0fb18-eed5-462a-9fbd-10470c3b5d57/export</link>
      <description>{"uuid": "74c0fb18-eed5-462a-9fbd-10470c3b5d57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://t.me/thehackernews/9156", "content": "\ud83d\udea8 No auth required ... a crafted web request to Cisco Unified CM can write files to the OS and open a path to root.\n\nCVE-2026-20230 patch is out, PoC exploit is public, and no attacks yet. Only bites if WebDialer is ON.\n\nFix: 14SU6 / COP / 15SU5, or kill WebDialer. \n\nRead: https://thehackernews.com/2026/06/cisco-patches-cve-2026-20230-in-unified.html", "creation_timestamp": "2026-07-15T12:00:05.458153Z"}</description>
      <content:encoded>{"uuid": "74c0fb18-eed5-462a-9fbd-10470c3b5d57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://t.me/thehackernews/9156", "content": "\ud83d\udea8 No auth required ... a crafted web request to Cisco Unified CM can write files to the OS and open a path to root.\n\nCVE-2026-20230 patch is out, PoC exploit is public, and no attacks yet. Only bites if WebDialer is ON.\n\nFix: 14SU6 / COP / 15SU5, or kill WebDialer. \n\nRead: https://thehackernews.com/2026/06/cisco-patches-cve-2026-20230-in-unified.html", "creation_timestamp": "2026-07-15T12:00:05.458153Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/74c0fb18-eed5-462a-9fbd-10470c3b5d57/export</guid>
      <pubDate>Wed, 15 Jul 2026 12:00:05 +0000</pubDate>
    </item>
  </channel>
</rss>
