<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Thu, 02 Jul 2026 15:56:56 +0000</lastBuildDate>
    <item>
      <title>c7c5820a-e070-4e1c-9e83-db67e04f2ef1</title>
      <link>https://vulnerability.circl.lu/sighting/c7c5820a-e070-4e1c-9e83-db67e04f2ef1/export</link>
      <description>{"uuid": "c7c5820a-e070-4e1c-9e83-db67e04f2ef1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-35482", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116684293866333535", "content": "\ud83d\udee1\ufe0f HIGH severity: CVE-2026-35482 in alf.io (&amp;lt;2.0-M5-2606) lets authenticated admins escape the Rhino JS sandbox and execute OS commands via Java reflection. Upgrade to 2.0-M5-2606 now! https://radar.offseq.com/threat/cve-2026-35482-cwe-863-incorrect-authorization-in--7701fe0c #OffSeq #Vulnerability #alfio #Security", "creation_timestamp": "2026-06-03T04:30:37.678921Z"}</description>
      <content:encoded>{"uuid": "c7c5820a-e070-4e1c-9e83-db67e04f2ef1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-35482", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116684293866333535", "content": "\ud83d\udee1\ufe0f HIGH severity: CVE-2026-35482 in alf.io (&amp;lt;2.0-M5-2606) lets authenticated admins escape the Rhino JS sandbox and execute OS commands via Java reflection. Upgrade to 2.0-M5-2606 now! https://radar.offseq.com/threat/cve-2026-35482-cwe-863-incorrect-authorization-in--7701fe0c #OffSeq #Vulnerability #alfio #Security", "creation_timestamp": "2026-06-03T04:30:37.678921Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c7c5820a-e070-4e1c-9e83-db67e04f2ef1/export</guid>
      <pubDate>Wed, 03 Jun 2026 04:30:37 +0000</pubDate>
    </item>
    <item>
      <title>c3276347-55b4-436d-b422-e6125b736edf</title>
      <link>https://vulnerability.circl.lu/sighting/c3276347-55b4-436d-b422-e6125b736edf/export</link>
      <description>{"uuid": "c3276347-55b4-436d-b422-e6125b736edf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-35482", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mneblm5uge2d", "content": "alf.io HIGH severity vuln (CVE-2026-35482): Authenticated admins can escape JS sandbox &amp;amp; run OS commands. Upgrade to 2.0-M5-2606 to stay secure! https://radar.offseq.com/threat/cve-2026-35482-cwe-863-incorrect-authorization-in--7701fe0c #OffSeq #Vulnerability #Security", "creation_timestamp": "2026-06-03T04:30:30.424653Z"}</description>
      <content:encoded>{"uuid": "c3276347-55b4-436d-b422-e6125b736edf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-35482", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mneblm5uge2d", "content": "alf.io HIGH severity vuln (CVE-2026-35482): Authenticated admins can escape JS sandbox &amp;amp; run OS commands. Upgrade to 2.0-M5-2606 to stay secure! https://radar.offseq.com/threat/cve-2026-35482-cwe-863-incorrect-authorization-in--7701fe0c #OffSeq #Vulnerability #Security", "creation_timestamp": "2026-06-03T04:30:30.424653Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c3276347-55b4-436d-b422-e6125b736edf/export</guid>
      <pubDate>Wed, 03 Jun 2026 04:30:30 +0000</pubDate>
    </item>
    <item>
      <title>4081ff5e-9244-48ef-9d74-ac31f4c7093b</title>
      <link>https://vulnerability.circl.lu/sighting/4081ff5e-9244-48ef-9d74-ac31f4c7093b/export</link>
      <description>{"uuid": "4081ff5e-9244-48ef-9d74-ac31f4c7093b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-35482", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mne3lqz6f62q", "content": "CVE-2026-35482 - alf.io has an Authenticated RCE via Extension Script Sandbox Escape\nCVE ID : CVE-2026-35482\n \n Published : June 2, 2026, 11:16 p.m. | 3\u00a0hours, 16\u00a0minutes ago\n \n Description : alf.io is an open source ticket reservation system for conferences, trade shows, work...", "creation_timestamp": "2026-06-03T02:43:11.907566Z"}</description>
      <content:encoded>{"uuid": "4081ff5e-9244-48ef-9d74-ac31f4c7093b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-35482", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mne3lqz6f62q", "content": "CVE-2026-35482 - alf.io has an Authenticated RCE via Extension Script Sandbox Escape\nCVE ID : CVE-2026-35482\n \n Published : June 2, 2026, 11:16 p.m. | 3\u00a0hours, 16\u00a0minutes ago\n \n Description : alf.io is an open source ticket reservation system for conferences, trade shows, work...", "creation_timestamp": "2026-06-03T02:43:11.907566Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/4081ff5e-9244-48ef-9d74-ac31f4c7093b/export</guid>
      <pubDate>Wed, 03 Jun 2026 02:43:11 +0000</pubDate>
    </item>
    <item>
      <title>df5ae072-0317-47e5-b162-b760c9967e26</title>
      <link>https://vulnerability.circl.lu/sighting/df5ae072-0317-47e5-b162-b760c9967e26/export</link>
      <description>{"uuid": "df5ae072-0317-47e5-b162-b760c9967e26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-35482", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mndsk2lvzu22", "content": "\ud83d\udfe0 CVE-2026-35482 - High (8)\n\nalf.io is an open source ticket reservation system for conferences, trade shows, workshops, and m...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-35482/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-03T00:01:11.832690Z"}</description>
      <content:encoded>{"uuid": "df5ae072-0317-47e5-b162-b760c9967e26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-35482", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mndsk2lvzu22", "content": "\ud83d\udfe0 CVE-2026-35482 - High (8)\n\nalf.io is an open source ticket reservation system for conferences, trade shows, workshops, and m...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-35482/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-03T00:01:11.832690Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/df5ae072-0317-47e5-b162-b760c9967e26/export</guid>
      <pubDate>Wed, 03 Jun 2026 00:01:11 +0000</pubDate>
    </item>
    <item>
      <title>bae1016c-321d-4a98-99e0-6ef0d398e6bd</title>
      <link>https://vulnerability.circl.lu/sighting/bae1016c-321d-4a98-99e0-6ef0d398e6bd/export</link>
      <description>{"uuid": "bae1016c-321d-4a98-99e0-6ef0d398e6bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-35488", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mjwglnh4pm2s", "content": "", "creation_timestamp": "2026-04-20T12:07:08.414183Z"}</description>
      <content:encoded>{"uuid": "bae1016c-321d-4a98-99e0-6ef0d398e6bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-35488", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mjwglnh4pm2s", "content": "", "creation_timestamp": "2026-04-20T12:07:08.414183Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/bae1016c-321d-4a98-99e0-6ef0d398e6bd/export</guid>
      <pubDate>Mon, 20 Apr 2026 12:07:08 +0000</pubDate>
    </item>
    <item>
      <title>5b21471b-a56c-460a-ad9f-a5c7230432cb</title>
      <link>https://vulnerability.circl.lu/sighting/5b21471b-a56c-460a-ad9f-a5c7230432cb/export</link>
      <description>{"uuid": "5b21471b-a56c-460a-ad9f-a5c7230432cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-35489", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mjjgtukel62v", "content": "", "creation_timestamp": "2026-04-15T08:07:07.640652Z"}</description>
      <content:encoded>{"uuid": "5b21471b-a56c-460a-ad9f-a5c7230432cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-35489", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mjjgtukel62v", "content": "", "creation_timestamp": "2026-04-15T08:07:07.640652Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/5b21471b-a56c-460a-ad9f-a5c7230432cb/export</guid>
      <pubDate>Wed, 15 Apr 2026 08:07:07 +0000</pubDate>
    </item>
    <item>
      <title>113eb103-fb12-4428-bb5c-9c76e764d845</title>
      <link>https://vulnerability.circl.lu/sighting/113eb103-fb12-4428-bb5c-9c76e764d845/export</link>
      <description>{"uuid": "113eb103-fb12-4428-bb5c-9c76e764d845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-35486", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mj43emha3t2c", "content": "", "creation_timestamp": "2026-04-10T00:37:07.962429Z"}</description>
      <content:encoded>{"uuid": "113eb103-fb12-4428-bb5c-9c76e764d845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-35486", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mj43emha3t2c", "content": "", "creation_timestamp": "2026-04-10T00:37:07.962429Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/113eb103-fb12-4428-bb5c-9c76e764d845/export</guid>
      <pubDate>Fri, 10 Apr 2026 00:37:07 +0000</pubDate>
    </item>
    <item>
      <title>cecacb61-cb13-4dab-aee7-5dfd2bb3bd6b</title>
      <link>https://vulnerability.circl.lu/sighting/cecacb61-cb13-4dab-aee7-5dfd2bb3bd6b/export</link>
      <description>{"uuid": "cecacb61-cb13-4dab-aee7-5dfd2bb3bd6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-35489", "type": "seen", "source": "Telegram/yDDpU4nC0b44IAL16-yoyqmXwVbKF5D32H81GUj_gS-e3jc", "content": "", "creation_timestamp": "2026-04-07T17:29:27.000000Z"}</description>
      <content:encoded>{"uuid": "cecacb61-cb13-4dab-aee7-5dfd2bb3bd6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-35489", "type": "seen", "source": "Telegram/yDDpU4nC0b44IAL16-yoyqmXwVbKF5D32H81GUj_gS-e3jc", "content": "", "creation_timestamp": "2026-04-07T17:29:27.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/cecacb61-cb13-4dab-aee7-5dfd2bb3bd6b/export</guid>
      <pubDate>Tue, 07 Apr 2026 17:29:27 +0000</pubDate>
    </item>
    <item>
      <title>4346e8aa-1b03-4d10-94b0-3259ed0a0d26</title>
      <link>https://vulnerability.circl.lu/sighting/4346e8aa-1b03-4d10-94b0-3259ed0a0d26/export</link>
      <description>{"uuid": "4346e8aa-1b03-4d10-94b0-3259ed0a0d26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-35488", "type": "seen", "source": "Telegram/yDDpU4nC0b44IAL16-yoyqmXwVbKF5D32H81GUj_gS-e3jc", "content": "", "creation_timestamp": "2026-04-07T17:29:27.000000Z"}</description>
      <content:encoded>{"uuid": "4346e8aa-1b03-4d10-94b0-3259ed0a0d26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-35488", "type": "seen", "source": "Telegram/yDDpU4nC0b44IAL16-yoyqmXwVbKF5D32H81GUj_gS-e3jc", "content": "", "creation_timestamp": "2026-04-07T17:29:27.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/4346e8aa-1b03-4d10-94b0-3259ed0a0d26/export</guid>
      <pubDate>Tue, 07 Apr 2026 17:29:27 +0000</pubDate>
    </item>
    <item>
      <title>95ddda43-804c-4914-8f9a-0b8e243db1f7</title>
      <link>https://vulnerability.circl.lu/sighting/95ddda43-804c-4914-8f9a-0b8e243db1f7/export</link>
      <description>{"uuid": "95ddda43-804c-4914-8f9a-0b8e243db1f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-35485", "type": "published-proof-of-concept", "source": "Telegram/8eXn4QLj3W1_8AYc2pIsiDgfSWsuolTpz1YwE008yOgTXtw", "content": "", "creation_timestamp": "2026-04-07T17:29:14.000000Z"}</description>
      <content:encoded>{"uuid": "95ddda43-804c-4914-8f9a-0b8e243db1f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-35485", "type": "published-proof-of-concept", "source": "Telegram/8eXn4QLj3W1_8AYc2pIsiDgfSWsuolTpz1YwE008yOgTXtw", "content": "", "creation_timestamp": "2026-04-07T17:29:14.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/95ddda43-804c-4914-8f9a-0b8e243db1f7/export</guid>
      <pubDate>Tue, 07 Apr 2026 17:29:14 +0000</pubDate>
    </item>
  </channel>
</rss>
