<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Mon, 13 Jul 2026 17:26:42 +0000</lastBuildDate>
    <item>
      <title>3bd58e8b-2d4a-47a6-b5da-49b831748611</title>
      <link>https://vulnerability.circl.lu/sighting/3bd58e8b-2d4a-47a6-b5da-49b831748611/export</link>
      <description>{"uuid": "3bd58e8b-2d4a-47a6-b5da-49b831748611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44007", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq75n6xlzv2z", "content": "CVE-2026-44007 - @rootio/vm2\nThe vm2 library in Root:npm has a security issue that could allow an attacker to access sensitive information or perform unauthorized actions. This has been fixed by Root in a\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#rootio #Rootnpm #CVE #infosec", "creation_timestamp": "2026-07-09T07:52:03.743825Z"}</description>
      <content:encoded>{"uuid": "3bd58e8b-2d4a-47a6-b5da-49b831748611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44007", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq75n6xlzv2z", "content": "CVE-2026-44007 - @rootio/vm2\nThe vm2 library in Root:npm has a security issue that could allow an attacker to access sensitive information or perform unauthorized actions. This has been fixed by Root in a\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#rootio #Rootnpm #CVE #infosec", "creation_timestamp": "2026-07-09T07:52:03.743825Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3bd58e8b-2d4a-47a6-b5da-49b831748611/export</guid>
      <pubDate>Thu, 09 Jul 2026 07:52:03 +0000</pubDate>
    </item>
    <item>
      <title>e642bf0f-81c4-4407-b146-b2f0ef83cc01</title>
      <link>https://vulnerability.circl.lu/sighting/e642bf0f-81c4-4407-b146-b2f0ef83cc01/export</link>
      <description>{"uuid": "e642bf0f-81c4-4407-b146-b2f0ef83cc01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44007", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mmhyplqiny2r", "content": "\ud83d\udccc CVE-2026-44007 - vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.1, when a NodeVM is created with nesting: true, sandbox code can unconditionally require('... https://www.cyberhub.blog/cves/CVE-2026-44007", "creation_timestamp": "2026-05-22T22:37:06.598073Z"}</description>
      <content:encoded>{"uuid": "e642bf0f-81c4-4407-b146-b2f0ef83cc01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44007", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mmhyplqiny2r", "content": "\ud83d\udccc CVE-2026-44007 - vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.1, when a NodeVM is created with nesting: true, sandbox code can unconditionally require('... https://www.cyberhub.blog/cves/CVE-2026-44007", "creation_timestamp": "2026-05-22T22:37:06.598073Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e642bf0f-81c4-4407-b146-b2f0ef83cc01/export</guid>
      <pubDate>Fri, 22 May 2026 22:37:06 +0000</pubDate>
    </item>
    <item>
      <title>0fbdbe78-f989-4674-ae03-3dbc9b6e8dbf</title>
      <link>https://vulnerability.circl.lu/sighting/0fbdbe78-f989-4674-ae03-3dbc9b6e8dbf/export</link>
      <description>{"uuid": "0fbdbe78-f989-4674-ae03-3dbc9b6e8dbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44007", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ml4tiejjgf2s", "content": "vm2: sandbox escape in NodeVM with nesting:true (CVE-2026-44007)", "creation_timestamp": "2026-05-05T18:39:06.928892Z"}</description>
      <content:encoded>{"uuid": "0fbdbe78-f989-4674-ae03-3dbc9b6e8dbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44007", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ml4tiejjgf2s", "content": "vm2: sandbox escape in NodeVM with nesting:true (CVE-2026-44007)", "creation_timestamp": "2026-05-05T18:39:06.928892Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0fbdbe78-f989-4674-ae03-3dbc9b6e8dbf/export</guid>
      <pubDate>Tue, 05 May 2026 18:39:06 +0000</pubDate>
    </item>
    <item>
      <title>a8356f78-097b-458a-a436-beda0b7a4aab</title>
      <link>https://vulnerability.circl.lu/sighting/a8356f78-097b-458a-a436-beda0b7a4aab/export</link>
      <description>{"uuid": "a8356f78-097b-458a-a436-beda0b7a4aab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-44007", "type": "published-proof-of-concept", "source": "https://github.com/patriksimek/vm2/security/advisories/GHSA-8hg8-63c5-gwmx", "content": "", "creation_timestamp": "2026-05-01T21:29:07.000000Z"}</description>
      <content:encoded>{"uuid": "a8356f78-097b-458a-a436-beda0b7a4aab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-44007", "type": "published-proof-of-concept", "source": "https://github.com/patriksimek/vm2/security/advisories/GHSA-8hg8-63c5-gwmx", "content": "", "creation_timestamp": "2026-05-01T21:29:07.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a8356f78-097b-458a-a436-beda0b7a4aab/export</guid>
      <pubDate>Fri, 01 May 2026 21:29:07 +0000</pubDate>
    </item>
  </channel>
</rss>
