<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sun, 05 Jul 2026 09:51:26 +0000</lastBuildDate>
    <item>
      <title>3e2c387c-6dc3-434b-9380-16273c1f4375</title>
      <link>https://vulnerability.circl.lu/sighting/3e2c387c-6dc3-434b-9380-16273c1f4375/export</link>
      <description>{"uuid": "3e2c387c-6dc3-434b-9380-16273c1f4375", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44087", "type": "seen", "source": "https://bsky.app/profile/cyberowi.pl/post/3mp6i2mgisx2t", "content": "\ud83d\udea8 Krytyczna luka w Apache APISIX (CVE-2026-44087) pozwala omin\u0105\u0107 logowanie\n\nLuka z ocen\u0105 9.1 w skali CVSS w popularnym API gateway Apache APISIX umo\u017cliwia fa\u0142szowanie to\u017csamo\u015bci. Dotyczy to wersji od\n\nhttps://cyberowi.pl/krytyczna-luka-w-apache-apisix-cve-2026-44087-pozwala/\n\n#cyberbezpieczenstwo", "creation_timestamp": "2026-06-26T08:00:39.995272Z"}</description>
      <content:encoded>{"uuid": "3e2c387c-6dc3-434b-9380-16273c1f4375", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44087", "type": "seen", "source": "https://bsky.app/profile/cyberowi.pl/post/3mp6i2mgisx2t", "content": "\ud83d\udea8 Krytyczna luka w Apache APISIX (CVE-2026-44087) pozwala omin\u0105\u0107 logowanie\n\nLuka z ocen\u0105 9.1 w skali CVSS w popularnym API gateway Apache APISIX umo\u017cliwia fa\u0142szowanie to\u017csamo\u015bci. Dotyczy to wersji od\n\nhttps://cyberowi.pl/krytyczna-luka-w-apache-apisix-cve-2026-44087-pozwala/\n\n#cyberbezpieczenstwo", "creation_timestamp": "2026-06-26T08:00:39.995272Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3e2c387c-6dc3-434b-9380-16273c1f4375/export</guid>
      <pubDate>Fri, 26 Jun 2026 08:00:39 +0000</pubDate>
    </item>
    <item>
      <title>609b8ab7-6486-4832-a8c3-9ee2e41acfde</title>
      <link>https://vulnerability.circl.lu/sighting/609b8ab7-6486-4832-a8c3-9ee2e41acfde/export</link>
      <description>{"uuid": "609b8ab7-6486-4832-a8c3-9ee2e41acfde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44087", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3moypr3ispy22", "content": "\ud83d\udea8  ALERT: CVE-2026-44087\n\nCVSS 9.1/10\n\n\ud83d\udccb WHAT IT IS:\nInsufficient Verification of Data Authenticity vulnerability in Apache APISIX.\n\nThe openid-connect plugin under default configuration has an attack surface that allows the attacker to spoof identity headers allowing the attacker to get unauthorize", "creation_timestamp": "2026-06-24T01:02:31.526013Z"}</description>
      <content:encoded>{"uuid": "609b8ab7-6486-4832-a8c3-9ee2e41acfde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44087", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3moypr3ispy22", "content": "\ud83d\udea8  ALERT: CVE-2026-44087\n\nCVSS 9.1/10\n\n\ud83d\udccb WHAT IT IS:\nInsufficient Verification of Data Authenticity vulnerability in Apache APISIX.\n\nThe openid-connect plugin under default configuration has an attack surface that allows the attacker to spoof identity headers allowing the attacker to get unauthorize", "creation_timestamp": "2026-06-24T01:02:31.526013Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/609b8ab7-6486-4832-a8c3-9ee2e41acfde/export</guid>
      <pubDate>Wed, 24 Jun 2026 01:02:31 +0000</pubDate>
    </item>
    <item>
      <title>b0962889-6821-45e2-9f26-7afc62e826e1</title>
      <link>https://vulnerability.circl.lu/sighting/b0962889-6821-45e2-9f26-7afc62e826e1/export</link>
      <description>{"uuid": "b0962889-6821-45e2-9f26-7afc62e826e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-44083", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1934", "content": "", "creation_timestamp": "2026-06-23T21:00:00.000000Z"}</description>
      <content:encoded>{"uuid": "b0962889-6821-45e2-9f26-7afc62e826e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-44083", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1934", "content": "", "creation_timestamp": "2026-06-23T21:00:00.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b0962889-6821-45e2-9f26-7afc62e826e1/export</guid>
      <pubDate>Tue, 23 Jun 2026 21:00:00 +0000</pubDate>
    </item>
    <item>
      <title>9e1c6cdc-74ef-4046-bcad-08c367b2d4c8</title>
      <link>https://vulnerability.circl.lu/sighting/9e1c6cdc-74ef-4046-bcad-08c367b2d4c8/export</link>
      <description>{"uuid": "9e1c6cdc-74ef-4046-bcad-08c367b2d4c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44089", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116800303017766126", "content": "A new vulnerability with increased severity was disclosed for Totolink EX1200L (CVE-2026-44089) https://vuldb.com/vuln/372882", "creation_timestamp": "2026-06-23T16:13:07.491800Z"}</description>
      <content:encoded>{"uuid": "9e1c6cdc-74ef-4046-bcad-08c367b2d4c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44089", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116800303017766126", "content": "A new vulnerability with increased severity was disclosed for Totolink EX1200L (CVE-2026-44089) https://vuldb.com/vuln/372882", "creation_timestamp": "2026-06-23T16:13:07.491800Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/9e1c6cdc-74ef-4046-bcad-08c367b2d4c8/export</guid>
      <pubDate>Tue, 23 Jun 2026 16:13:07 +0000</pubDate>
    </item>
    <item>
      <title>33033bdd-1ca9-4171-8c63-2e8d6d9021b1</title>
      <link>https://vulnerability.circl.lu/sighting/33033bdd-1ca9-4171-8c63-2e8d6d9021b1/export</link>
      <description>{"uuid": "33033bdd-1ca9-4171-8c63-2e8d6d9021b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44089", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moxneoahvj2r", "content": "CVE-2026-44089 - Buffer Overflow in Totolink EX1200L router\nCVE ID : CVE-2026-44089\n \n Published : 23 juin 2026 12:08 | 1\u00a0heure, 35\u00a0minutes ago\n \n Description : Totolink\u00a0EX1200L router is vulnerable to Buffer Overflow in the login functionality in\u00a0cgi-bin/cstecgi.cgi endpoint....", "creation_timestamp": "2026-06-23T14:47:08.041963Z"}</description>
      <content:encoded>{"uuid": "33033bdd-1ca9-4171-8c63-2e8d6d9021b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44089", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moxneoahvj2r", "content": "CVE-2026-44089 - Buffer Overflow in Totolink EX1200L router\nCVE ID : CVE-2026-44089\n \n Published : 23 juin 2026 12:08 | 1\u00a0heure, 35\u00a0minutes ago\n \n Description : Totolink\u00a0EX1200L router is vulnerable to Buffer Overflow in the login functionality in\u00a0cgi-bin/cstecgi.cgi endpoint....", "creation_timestamp": "2026-06-23T14:47:08.041963Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/33033bdd-1ca9-4171-8c63-2e8d6d9021b1/export</guid>
      <pubDate>Tue, 23 Jun 2026 14:47:08 +0000</pubDate>
    </item>
    <item>
      <title>a51f1fca-a17c-4590-94a6-4315f0b59d10</title>
      <link>https://vulnerability.circl.lu/sighting/a51f1fca-a17c-4590-94a6-4315f0b59d10/export</link>
      <description>{"uuid": "a51f1fca-a17c-4590-94a6-4315f0b59d10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4408", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3moxiplgic22n", "content": "\u300cSamba\u300d\u306bRCE\u306a\u30696\u4ef6\u306e\u8106\u5f31\u6027 - \u4fee\u6b63\u30d1\u30c3\u30c1\u3092\u516c\u958b\n\n\u300cSamba\u300d\u306e\u958b\u767a\u30c1\u30fc\u30e0\u306f\u73fe\u5730\u6642\u95932026\u5e745\u670826\u65e5\u3001\u6df1\u523b\u306a\u8106\u5f31\u6027\u306b\u5bfe\u51e6\u3057\u305f\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3092\u30ea\u30ea\u30fc\u30b9\u3057\u305f\u3002\n\n\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3067\u3001CVE\u30d9\u30fc\u30b9\u3067\u3042\u308f\u305b\u30666\u4ef6\u306e\u8106\u5f31\u6027\u3092\u4fee\u6b63\u3057\u3066\u3044\u308b\u3002\u306a\u304b\u3067\u3082\u300cCVE-2026-4408\u300d\u300cCVE-2026-4480\u300d\u306e\u5f71\u97ff\u306f\u5927\u304d\u3044\u3068\u3055\u308c\u308b\u3002\n\n\u300cCVE-2026-4408\u300d\u306f\u3001\u300cSAMR DCE/RPC\u30b5\u30fc\u30d3\u30b9\u300d\u306b\u304a\u3044\u3066\u78ba\u8a8d\u3055\u308c\u305f\u30b3\u30de\u30f3\u30c9\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027\u3002\u30d5\u30a1\u30a4\u30eb\u30b5\u30fc\u30d0\u3084\u300cActive Directory\u300d\u3067\u306f\u306a\u3044\u5f93\u6765\u578b\u30c9\u30e1\u30a4\u30f3\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u30fc\u306b\u304a\u3051\u308b\u7279\u5b9a\u306e\u69cb\u6210\u304c\u5f71\u97ff\u3092\u53d7\u3051\u308b\u3002...", "creation_timestamp": "2026-06-23T13:23:45.343206Z"}</description>
      <content:encoded>{"uuid": "a51f1fca-a17c-4590-94a6-4315f0b59d10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4408", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3moxiplgic22n", "content": "\u300cSamba\u300d\u306bRCE\u306a\u30696\u4ef6\u306e\u8106\u5f31\u6027 - \u4fee\u6b63\u30d1\u30c3\u30c1\u3092\u516c\u958b\n\n\u300cSamba\u300d\u306e\u958b\u767a\u30c1\u30fc\u30e0\u306f\u73fe\u5730\u6642\u95932026\u5e745\u670826\u65e5\u3001\u6df1\u523b\u306a\u8106\u5f31\u6027\u306b\u5bfe\u51e6\u3057\u305f\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3092\u30ea\u30ea\u30fc\u30b9\u3057\u305f\u3002\n\n\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3067\u3001CVE\u30d9\u30fc\u30b9\u3067\u3042\u308f\u305b\u30666\u4ef6\u306e\u8106\u5f31\u6027\u3092\u4fee\u6b63\u3057\u3066\u3044\u308b\u3002\u306a\u304b\u3067\u3082\u300cCVE-2026-4408\u300d\u300cCVE-2026-4480\u300d\u306e\u5f71\u97ff\u306f\u5927\u304d\u3044\u3068\u3055\u308c\u308b\u3002\n\n\u300cCVE-2026-4408\u300d\u306f\u3001\u300cSAMR DCE/RPC\u30b5\u30fc\u30d3\u30b9\u300d\u306b\u304a\u3044\u3066\u78ba\u8a8d\u3055\u308c\u305f\u30b3\u30de\u30f3\u30c9\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027\u3002\u30d5\u30a1\u30a4\u30eb\u30b5\u30fc\u30d0\u3084\u300cActive Directory\u300d\u3067\u306f\u306a\u3044\u5f93\u6765\u578b\u30c9\u30e1\u30a4\u30f3\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u30fc\u306b\u304a\u3051\u308b\u7279\u5b9a\u306e\u69cb\u6210\u304c\u5f71\u97ff\u3092\u53d7\u3051\u308b\u3002...", "creation_timestamp": "2026-06-23T13:23:45.343206Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a51f1fca-a17c-4590-94a6-4315f0b59d10/export</guid>
      <pubDate>Tue, 23 Jun 2026 13:23:45 +0000</pubDate>
    </item>
    <item>
      <title>ca80baf3-3109-4d12-a706-295106992885</title>
      <link>https://vulnerability.circl.lu/sighting/ca80baf3-3109-4d12-a706-295106992885/export</link>
      <description>{"uuid": "ca80baf3-3109-4d12-a706-295106992885", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-44089", "type": "seen", "source": "https://cert.pl/en/posts/2026/06/CVE-2026-44089", "content": "", "creation_timestamp": "2026-06-23T03:55:00.000000Z"}</description>
      <content:encoded>{"uuid": "ca80baf3-3109-4d12-a706-295106992885", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-44089", "type": "seen", "source": "https://cert.pl/en/posts/2026/06/CVE-2026-44089", "content": "", "creation_timestamp": "2026-06-23T03:55:00.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ca80baf3-3109-4d12-a706-295106992885/export</guid>
      <pubDate>Tue, 23 Jun 2026 03:55:00 +0000</pubDate>
    </item>
    <item>
      <title>62b8e78c-31d1-4a37-bf1c-d02a3b3d01b3</title>
      <link>https://vulnerability.circl.lu/sighting/62b8e78c-31d1-4a37-bf1c-d02a3b3d01b3/export</link>
      <description>{"uuid": "62b8e78c-31d1-4a37-bf1c-d02a3b3d01b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44083", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motoso7fdr2z", "content": "\ud83d\udea8  ALERT: CVE-2026-44083\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nAn authorization bypass through user-controlled key vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to gain unintended privileges.\n\nWe have already fixed the vulnerability in the following", "creation_timestamp": "2026-06-22T01:02:12.398098Z"}</description>
      <content:encoded>{"uuid": "62b8e78c-31d1-4a37-bf1c-d02a3b3d01b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44083", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motoso7fdr2z", "content": "\ud83d\udea8  ALERT: CVE-2026-44083\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nAn authorization bypass through user-controlled key vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to gain unintended privileges.\n\nWe have already fixed the vulnerability in the following", "creation_timestamp": "2026-06-22T01:02:12.398098Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/62b8e78c-31d1-4a37-bf1c-d02a3b3d01b3/export</guid>
      <pubDate>Mon, 22 Jun 2026 01:02:12 +0000</pubDate>
    </item>
    <item>
      <title>dff23699-2332-4dbc-bf35-9bf2530689b3</title>
      <link>https://vulnerability.circl.lu/sighting/dff23699-2332-4dbc-bf35-9bf2530689b3/export</link>
      <description>{"uuid": "dff23699-2332-4dbc-bf35-9bf2530689b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44087", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116782433283716837", "content": "Attention, elevated activities detected targeting Apache APISIX (CVE-2026-44087) https://vuldb.com/vuln/372363/cti", "creation_timestamp": "2026-06-20T12:28:38.163288Z"}</description>
      <content:encoded>{"uuid": "dff23699-2332-4dbc-bf35-9bf2530689b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44087", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116782433283716837", "content": "Attention, elevated activities detected targeting Apache APISIX (CVE-2026-44087) https://vuldb.com/vuln/372363/cti", "creation_timestamp": "2026-06-20T12:28:38.163288Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/dff23699-2332-4dbc-bf35-9bf2530689b3/export</guid>
      <pubDate>Sat, 20 Jun 2026 12:28:38 +0000</pubDate>
    </item>
    <item>
      <title>db665c96-629c-4ef6-a19d-ff71df431a4b</title>
      <link>https://vulnerability.circl.lu/sighting/db665c96-629c-4ef6-a19d-ff71df431a4b/export</link>
      <description>{"uuid": "db665c96-629c-4ef6-a19d-ff71df431a4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44087", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3monktjewzu2a", "content": "CVE-2026-44087: Apache APISIX: Openid-connect plugin Identity Header Spoofing", "creation_timestamp": "2026-06-19T14:35:07.621944Z"}</description>
      <content:encoded>{"uuid": "db665c96-629c-4ef6-a19d-ff71df431a4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44087", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3monktjewzu2a", "content": "CVE-2026-44087: Apache APISIX: Openid-connect plugin Identity Header Spoofing", "creation_timestamp": "2026-06-19T14:35:07.621944Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/db665c96-629c-4ef6-a19d-ff71df431a4b/export</guid>
      <pubDate>Fri, 19 Jun 2026 14:35:07 +0000</pubDate>
    </item>
  </channel>
</rss>
