<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Wed, 08 Jul 2026 16:36:34 +0000</lastBuildDate>
    <item>
      <title>e6cad395-fbe7-4031-a6dc-7ea7c0c23ae6</title>
      <link>https://vulnerability.circl.lu/sighting/e6cad395-fbe7-4031-a6dc-7ea7c0c23ae6/export</link>
      <description>{"uuid": "e6cad395-fbe7-4031-a6dc-7ea7c0c23ae6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25253", "type": "seen", "source": "https://bsky.app/profile/bluehatone.bsky.social/post/3mq25rtswhb23", "content": "OpenClaw security alert. 135,000+ servers exposed, 50,000 open to remote code, 335 bad skills found. CVE-2026-25253 can steal a token with one click via a localhost WebSocket. Safer steps: don\u2019t use your main laptop, enable auth, bind to 127.0.0.1 or VPN, least privilege, audit skills.", "creation_timestamp": "2026-07-07T08:11:22.581651Z"}</description>
      <content:encoded>{"uuid": "e6cad395-fbe7-4031-a6dc-7ea7c0c23ae6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25253", "type": "seen", "source": "https://bsky.app/profile/bluehatone.bsky.social/post/3mq25rtswhb23", "content": "OpenClaw security alert. 135,000+ servers exposed, 50,000 open to remote code, 335 bad skills found. CVE-2026-25253 can steal a token with one click via a localhost WebSocket. Safer steps: don\u2019t use your main laptop, enable auth, bind to 127.0.0.1 or VPN, least privilege, audit skills.", "creation_timestamp": "2026-07-07T08:11:22.581651Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e6cad395-fbe7-4031-a6dc-7ea7c0c23ae6/export</guid>
      <pubDate>Tue, 07 Jul 2026 08:11:22 +0000</pubDate>
    </item>
    <item>
      <title>432755d8-badf-4d24-a5fe-f575ac222d78</title>
      <link>https://vulnerability.circl.lu/sighting/432755d8-badf-4d24-a5fe-f575ac222d78/export</link>
      <description>{"uuid": "432755d8-badf-4d24-a5fe-f575ac222d78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25253", "type": "seen", "source": "https://bsky.app/profile/ctsd-gmbh.bsky.social/post/3mptm24sk6m2j", "content": "CVE-2026-25253 in KI-Agenten ohne Interface: Realit\u00e4t oder Roadmap?\n\nJetzt lesen: https://www.ctsd.de/insights/2026-07-ki-ki-agenten-ohne-interface-realit-t-oder-roadmap.html\n\n#ITSecurity #Compliance #KI\n\nhttps://www.ctsd.de/insights/2026-07-ki-ki-agenten-ohne-interface-realit-t-oder-roadmap.html", "creation_timestamp": "2026-07-04T17:37:53.433721Z"}</description>
      <content:encoded>{"uuid": "432755d8-badf-4d24-a5fe-f575ac222d78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25253", "type": "seen", "source": "https://bsky.app/profile/ctsd-gmbh.bsky.social/post/3mptm24sk6m2j", "content": "CVE-2026-25253 in KI-Agenten ohne Interface: Realit\u00e4t oder Roadmap?\n\nJetzt lesen: https://www.ctsd.de/insights/2026-07-ki-ki-agenten-ohne-interface-realit-t-oder-roadmap.html\n\n#ITSecurity #Compliance #KI\n\nhttps://www.ctsd.de/insights/2026-07-ki-ki-agenten-ohne-interface-realit-t-oder-roadmap.html", "creation_timestamp": "2026-07-04T17:37:53.433721Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/432755d8-badf-4d24-a5fe-f575ac222d78/export</guid>
      <pubDate>Sat, 04 Jul 2026 17:37:53 +0000</pubDate>
    </item>
    <item>
      <title>be6da4dc-0009-4b00-94b5-4fd88cc3661e</title>
      <link>https://vulnerability.circl.lu/sighting/be6da4dc-0009-4b00-94b5-4fd88cc3661e/export</link>
      <description>{"uuid": "be6da4dc-0009-4b00-94b5-4fd88cc3661e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25253", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mottrv2xxt2l", "content": "Top 3 CVE for last 7 days:\nCVE-2026-50656: 28 interactions\nCVE-2026-20262: 25 interactions\nCVE-2026-54420: 25 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-20253: 6 interactions\nCVE-2026-25253: 4 interactions\nCVE-2026-35469: 4 interactions\n", "creation_timestamp": "2026-06-22T02:31:16.151843Z"}</description>
      <content:encoded>{"uuid": "be6da4dc-0009-4b00-94b5-4fd88cc3661e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25253", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mottrv2xxt2l", "content": "Top 3 CVE for last 7 days:\nCVE-2026-50656: 28 interactions\nCVE-2026-20262: 25 interactions\nCVE-2026-54420: 25 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-20253: 6 interactions\nCVE-2026-25253: 4 interactions\nCVE-2026-35469: 4 interactions\n", "creation_timestamp": "2026-06-22T02:31:16.151843Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/be6da4dc-0009-4b00-94b5-4fd88cc3661e/export</guid>
      <pubDate>Mon, 22 Jun 2026 02:31:16 +0000</pubDate>
    </item>
    <item>
      <title>a034e306-ba17-445b-9f84-68e8150c0a5b</title>
      <link>https://vulnerability.circl.lu/sighting/a034e306-ba17-445b-9f84-68e8150c0a5b/export</link>
      <description>{"uuid": "a034e306-ba17-445b-9f84-68e8150c0a5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25253", "type": "seen", "source": "https://bsky.app/profile/phantomfills.bsky.social/post/3moruyfgaek2z", "content": "The RisksIt\u2019s not all sunshine. The recent @OpenClaw vulnerabilities (CVE-2026-25253) were a wake-up call.\n\nAs agents get more \"root\" access to our capital, security becomes the ultimate primitive. Sandbox execution is no longer optional\u2014it's mandatory.", "creation_timestamp": "2026-06-21T07:54:06.894633Z"}</description>
      <content:encoded>{"uuid": "a034e306-ba17-445b-9f84-68e8150c0a5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25253", "type": "seen", "source": "https://bsky.app/profile/phantomfills.bsky.social/post/3moruyfgaek2z", "content": "The RisksIt\u2019s not all sunshine. The recent @OpenClaw vulnerabilities (CVE-2026-25253) were a wake-up call.\n\nAs agents get more \"root\" access to our capital, security becomes the ultimate primitive. Sandbox execution is no longer optional\u2014it's mandatory.", "creation_timestamp": "2026-06-21T07:54:06.894633Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a034e306-ba17-445b-9f84-68e8150c0a5b/export</guid>
      <pubDate>Sun, 21 Jun 2026 07:54:06 +0000</pubDate>
    </item>
    <item>
      <title>e12742da-e8fa-4069-8325-6aa10873f9d8</title>
      <link>https://vulnerability.circl.lu/sighting/e12742da-e8fa-4069-8325-6aa10873f9d8/export</link>
      <description>{"uuid": "e12742da-e8fa-4069-8325-6aa10873f9d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25253", "type": "seen", "source": "https://bsky.app/profile/phantomfills.bsky.social/post/3moruycokpc2z", "content": "The RisksIt\u2019s not all sunshine. The recent @OpenClaw vulnerabilities (CVE-2026-25253) were a wake-up call.\n\nAs agents get more \"root\" access to our capital, security becomes the ultimate primitive. Sandbox execution is no longer optional\u2014it's mandatory.", "creation_timestamp": "2026-06-21T07:51:56.141429Z"}</description>
      <content:encoded>{"uuid": "e12742da-e8fa-4069-8325-6aa10873f9d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25253", "type": "seen", "source": "https://bsky.app/profile/phantomfills.bsky.social/post/3moruycokpc2z", "content": "The RisksIt\u2019s not all sunshine. The recent @OpenClaw vulnerabilities (CVE-2026-25253) were a wake-up call.\n\nAs agents get more \"root\" access to our capital, security becomes the ultimate primitive. Sandbox execution is no longer optional\u2014it's mandatory.", "creation_timestamp": "2026-06-21T07:51:56.141429Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e12742da-e8fa-4069-8325-6aa10873f9d8/export</guid>
      <pubDate>Sun, 21 Jun 2026 07:51:56 +0000</pubDate>
    </item>
    <item>
      <title>3a7ea034-93f1-4cfb-8f4c-86a45f86463c</title>
      <link>https://vulnerability.circl.lu/sighting/3a7ea034-93f1-4cfb-8f4c-86a45f86463c/export</link>
      <description>{"uuid": "3a7ea034-93f1-4cfb-8f4c-86a45f86463c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25253", "type": "seen", "source": "https://bsky.app/profile/phantomfills.bsky.social/post/3moruy72a2c2z", "content": "The RisksIt\u2019s not all sunshine. The recent @OpenClaw vulnerabilities (CVE-2026-25253) were a wake-up call.\n\nAs agents get more \"root\" access to our capital, security becomes the ultimate primitive. Sandbox execution is no longer optional\u2014it's mandatory.", "creation_timestamp": "2026-06-21T07:51:55.617839Z"}</description>
      <content:encoded>{"uuid": "3a7ea034-93f1-4cfb-8f4c-86a45f86463c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25253", "type": "seen", "source": "https://bsky.app/profile/phantomfills.bsky.social/post/3moruy72a2c2z", "content": "The RisksIt\u2019s not all sunshine. The recent @OpenClaw vulnerabilities (CVE-2026-25253) were a wake-up call.\n\nAs agents get more \"root\" access to our capital, security becomes the ultimate primitive. Sandbox execution is no longer optional\u2014it's mandatory.", "creation_timestamp": "2026-06-21T07:51:55.617839Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3a7ea034-93f1-4cfb-8f4c-86a45f86463c/export</guid>
      <pubDate>Sun, 21 Jun 2026 07:51:55 +0000</pubDate>
    </item>
    <item>
      <title>3a2aa5e8-e644-4359-903b-f940af07dc9a</title>
      <link>https://vulnerability.circl.lu/sighting/3a2aa5e8-e644-4359-903b-f940af07dc9a/export</link>
      <description>{"uuid": "3a2aa5e8-e644-4359-903b-f940af07dc9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25253", "type": "seen", "source": "https://bsky.app/profile/phantomfills.bsky.social/post/3moruxymmx22z", "content": "The RisksIt\u2019s not all sunshine. The recent @OpenClaw vulnerabilities (CVE-2026-25253) were a wake-up call.\n\nAs agents get more \"root\" access to our capital, security becomes the ultimate primitive. Sandbox execution is no longer optional\u2014it's mandatory.", "creation_timestamp": "2026-06-21T07:49:43.637658Z"}</description>
      <content:encoded>{"uuid": "3a2aa5e8-e644-4359-903b-f940af07dc9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25253", "type": "seen", "source": "https://bsky.app/profile/phantomfills.bsky.social/post/3moruxymmx22z", "content": "The RisksIt\u2019s not all sunshine. The recent @OpenClaw vulnerabilities (CVE-2026-25253) were a wake-up call.\n\nAs agents get more \"root\" access to our capital, security becomes the ultimate primitive. Sandbox execution is no longer optional\u2014it's mandatory.", "creation_timestamp": "2026-06-21T07:49:43.637658Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3a2aa5e8-e644-4359-903b-f940af07dc9a/export</guid>
      <pubDate>Sun, 21 Jun 2026 07:49:43 +0000</pubDate>
    </item>
    <item>
      <title>1cb95d5f-505d-4d06-858c-8036192ee838</title>
      <link>https://vulnerability.circl.lu/sighting/1cb95d5f-505d-4d06-858c-8036192ee838/export</link>
      <description>{"uuid": "1cb95d5f-505d-4d06-858c-8036192ee838", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25253", "type": "seen", "source": "https://bsky.app/profile/phantomfills.bsky.social/post/3moruxuwufc2z", "content": "The RisksIt\u2019s not all sunshine. The recent @OpenClaw vulnerabilities (CVE-2026-25253) were a wake-up call.\n\nAs agents get more \"root\" access to our capital, security becomes the ultimate primitive. Sandbox execution is no longer optional\u2014it's mandatory.", "creation_timestamp": "2026-06-21T07:49:42.773752Z"}</description>
      <content:encoded>{"uuid": "1cb95d5f-505d-4d06-858c-8036192ee838", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25253", "type": "seen", "source": "https://bsky.app/profile/phantomfills.bsky.social/post/3moruxuwufc2z", "content": "The RisksIt\u2019s not all sunshine. The recent @OpenClaw vulnerabilities (CVE-2026-25253) were a wake-up call.\n\nAs agents get more \"root\" access to our capital, security becomes the ultimate primitive. Sandbox execution is no longer optional\u2014it's mandatory.", "creation_timestamp": "2026-06-21T07:49:42.773752Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1cb95d5f-505d-4d06-858c-8036192ee838/export</guid>
      <pubDate>Sun, 21 Jun 2026 07:49:42 +0000</pubDate>
    </item>
    <item>
      <title>0d971797-c085-4c98-b3df-4790b24845ff</title>
      <link>https://vulnerability.circl.lu/sighting/0d971797-c085-4c98-b3df-4790b24845ff/export</link>
      <description>{"uuid": "0d971797-c085-4c98-b3df-4790b24845ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25253", "type": "seen", "source": "https://bsky.app/profile/phantomfills.bsky.social/post/3moruxrp24s2z", "content": "The RisksIt\u2019s not all sunshine. The recent @OpenClaw vulnerabilities (CVE-2026-25253) were a wake-up call.\n\nAs agents get more \"root\" access to our capital, security becomes the ultimate primitive. Sandbox execution is no longer optional\u2014it's mandatory.", "creation_timestamp": "2026-06-21T07:49:42.108121Z"}</description>
      <content:encoded>{"uuid": "0d971797-c085-4c98-b3df-4790b24845ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25253", "type": "seen", "source": "https://bsky.app/profile/phantomfills.bsky.social/post/3moruxrp24s2z", "content": "The RisksIt\u2019s not all sunshine. The recent @OpenClaw vulnerabilities (CVE-2026-25253) were a wake-up call.\n\nAs agents get more \"root\" access to our capital, security becomes the ultimate primitive. Sandbox execution is no longer optional\u2014it's mandatory.", "creation_timestamp": "2026-06-21T07:49:42.108121Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0d971797-c085-4c98-b3df-4790b24845ff/export</guid>
      <pubDate>Sun, 21 Jun 2026 07:49:42 +0000</pubDate>
    </item>
    <item>
      <title>32b400ed-b180-4454-a78b-03dab6e34809</title>
      <link>https://vulnerability.circl.lu/sighting/32b400ed-b180-4454-a78b-03dab6e34809/export</link>
      <description>{"uuid": "32b400ed-b180-4454-a78b-03dab6e34809", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25253", "type": "seen", "source": "https://bsky.app/profile/bluehatone.bsky.social/post/3moket6ftvp2u", "content": "OpenClaw is not just chat. It is a robot super user with 24/7 access. Researchers found thousands of agents exposed online with weak auth and plaintext secrets. CVE-2026-25253 can steal tokens by a crafted URL, near CVSS 8.8. Use secrets manager and least privilege now.", "creation_timestamp": "2026-06-18T08:09:34.634565Z"}</description>
      <content:encoded>{"uuid": "32b400ed-b180-4454-a78b-03dab6e34809", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25253", "type": "seen", "source": "https://bsky.app/profile/bluehatone.bsky.social/post/3moket6ftvp2u", "content": "OpenClaw is not just chat. It is a robot super user with 24/7 access. Researchers found thousands of agents exposed online with weak auth and plaintext secrets. CVE-2026-25253 can steal tokens by a crafted URL, near CVSS 8.8. Use secrets manager and least privilege now.", "creation_timestamp": "2026-06-18T08:09:34.634565Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/32b400ed-b180-4454-a78b-03dab6e34809/export</guid>
      <pubDate>Thu, 18 Jun 2026 08:09:34 +0000</pubDate>
    </item>
  </channel>
</rss>
