<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sun, 05 Jul 2026 12:00:29 +0000</lastBuildDate>
    <item>
      <title>ce085e74-1bdc-4f9a-a3a0-b25079c1a366</title>
      <link>https://vulnerability.circl.lu/sighting/ce085e74-1bdc-4f9a-a3a0-b25079c1a366/export</link>
      <description>{"uuid": "ce085e74-1bdc-4f9a-a3a0-b25079c1a366", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48704", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp2vejghfq2f", "content": "CVE-2026-48704 - Warp Markdown notebook links may open executable local files\nCVE ID : CVE-2026-48704\n \n Published : June 24, 2026, 5:35 p.m. | 3\u00a0hours, 35\u00a0minutes ago\n \n Description : Warp is an agentic development environment. From 0.2023.10.24.08.03.stable_00 until 0.2026.0...", "creation_timestamp": "2026-06-24T21:48:12.107957Z"}</description>
      <content:encoded>{"uuid": "ce085e74-1bdc-4f9a-a3a0-b25079c1a366", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48704", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp2vejghfq2f", "content": "CVE-2026-48704 - Warp Markdown notebook links may open executable local files\nCVE ID : CVE-2026-48704\n \n Published : June 24, 2026, 5:35 p.m. | 3\u00a0hours, 35\u00a0minutes ago\n \n Description : Warp is an agentic development environment. From 0.2023.10.24.08.03.stable_00 until 0.2026.0...", "creation_timestamp": "2026-06-24T21:48:12.107957Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ce085e74-1bdc-4f9a-a3a0-b25079c1a366/export</guid>
      <pubDate>Wed, 24 Jun 2026 21:48:12 +0000</pubDate>
    </item>
    <item>
      <title>10b19d20-1371-425a-a757-d2f1d7093535</title>
      <link>https://vulnerability.circl.lu/sighting/10b19d20-1371-425a-a757-d2f1d7093535/export</link>
      <description>{"uuid": "10b19d20-1371-425a-a757-d2f1d7093535", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48708", "type": "seen", "source": "https://gist.github.com/alon710/3e7dd842c80dfd534275b1d215c3d4b9", "content": "# CVE-2026-48708: CVE-2026-48708: Concurrent Template Parsing Race Condition in OliveTin leading to Cross-Request Command Contamination\n\n&amp;gt; **CVSS Score:** 7.5\n&amp;gt; **Published:** 2026-06-24\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-48708\n\n## Summary\nCVE-2026-48708 details a critical concurrency synchronization flaw in OliveTin versions &amp;lt; 3000.13.0. A shared package-level text/template.Template instance is accessed concurrently across multiple goroutines without proper synchronization. When concurrent request processing occurs, a race condition causes Go runtime panics or command contamination across separate sessions, enabling denial of service or execution of contaminated commands.\n\n## TL;DR\nA concurrent template parsing race condition in OliveTin allows authenticated users to crash the daemon or cause cross-request command contamination, potentially executing unauthorized commands.\n\n## Technical Details\n\n- **CWE ID**: CWE-362\n- **Attack Vector**: Network (AV:N)\n- **CVSS v3.1 Score**: 7.5 (High)\n- **EPSS Score**: 0.00349 (0.349%)\n- **Exploit Status**: None / Theoretical\n- **CISA KEV Status**: Not Listed\n- **Primary Impact**: Denial of Service / Command Contamination\n\n## Affected Systems\n\n- OliveTin versions prior to 3000.13.0\n- **OliveTin**: &amp;lt; 3000.13.0 (Fixed in: `3000.13.0`)\n\n## Mitigation\n\n- Upgrade OliveTin to version 3000.13.0 or later.\n- Implement strict rate-limiting on reverse proxies to limit concurrent execution requests to 1.\n- Restrict access to the OliveTin control panel using strong multi-factor authentication and trusted IP networks.\n\n**Remediation Steps:**\n1. Identify current OliveTin deployments running versions prior to 3000.13.0.\n2. Pull the updated Docker image or download the latest binary from the official release page: https://github.com/OliveTin/OliveTin/releases/tag/3000.13.0\n3. Deploy the update and restart the daemon to apply the template isolation patches.\n4. Validate the update by checking logs for the absence of Go concurrent map write panic traces.\n\n## References\n\n- [GitHub Security Advisory GHSA-7fq5-7wr8-rjwj](https://github.com/OliveTin/OliveTin/security/advisories/GHSA-7fq5-7wr8-rjwj)\n- [OliveTin Remediation Commit](https://github.com/OliveTin/OliveTin/commit/d74da9314005954dd49fa20dabf272247bc76519)\n- [OliveTin Release 3000.13.0](https://github.com/OliveTin/OliveTin/releases/tag/3000.13.0)\n- [CVE.org Official Record](https://www.cve.org/CVERecord?id=CVE-2026-48708)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-48708) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-24T20:02:14.810358Z"}</description>
      <content:encoded>{"uuid": "10b19d20-1371-425a-a757-d2f1d7093535", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48708", "type": "seen", "source": "https://gist.github.com/alon710/3e7dd842c80dfd534275b1d215c3d4b9", "content": "# CVE-2026-48708: CVE-2026-48708: Concurrent Template Parsing Race Condition in OliveTin leading to Cross-Request Command Contamination\n\n&amp;gt; **CVSS Score:** 7.5\n&amp;gt; **Published:** 2026-06-24\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-48708\n\n## Summary\nCVE-2026-48708 details a critical concurrency synchronization flaw in OliveTin versions &amp;lt; 3000.13.0. A shared package-level text/template.Template instance is accessed concurrently across multiple goroutines without proper synchronization. When concurrent request processing occurs, a race condition causes Go runtime panics or command contamination across separate sessions, enabling denial of service or execution of contaminated commands.\n\n## TL;DR\nA concurrent template parsing race condition in OliveTin allows authenticated users to crash the daemon or cause cross-request command contamination, potentially executing unauthorized commands.\n\n## Technical Details\n\n- **CWE ID**: CWE-362\n- **Attack Vector**: Network (AV:N)\n- **CVSS v3.1 Score**: 7.5 (High)\n- **EPSS Score**: 0.00349 (0.349%)\n- **Exploit Status**: None / Theoretical\n- **CISA KEV Status**: Not Listed\n- **Primary Impact**: Denial of Service / Command Contamination\n\n## Affected Systems\n\n- OliveTin versions prior to 3000.13.0\n- **OliveTin**: &amp;lt; 3000.13.0 (Fixed in: `3000.13.0`)\n\n## Mitigation\n\n- Upgrade OliveTin to version 3000.13.0 or later.\n- Implement strict rate-limiting on reverse proxies to limit concurrent execution requests to 1.\n- Restrict access to the OliveTin control panel using strong multi-factor authentication and trusted IP networks.\n\n**Remediation Steps:**\n1. Identify current OliveTin deployments running versions prior to 3000.13.0.\n2. Pull the updated Docker image or download the latest binary from the official release page: https://github.com/OliveTin/OliveTin/releases/tag/3000.13.0\n3. Deploy the update and restart the daemon to apply the template isolation patches.\n4. Validate the update by checking logs for the absence of Go concurrent map write panic traces.\n\n## References\n\n- [GitHub Security Advisory GHSA-7fq5-7wr8-rjwj](https://github.com/OliveTin/OliveTin/security/advisories/GHSA-7fq5-7wr8-rjwj)\n- [OliveTin Remediation Commit](https://github.com/OliveTin/OliveTin/commit/d74da9314005954dd49fa20dabf272247bc76519)\n- [OliveTin Release 3000.13.0](https://github.com/OliveTin/OliveTin/releases/tag/3000.13.0)\n- [CVE.org Official Record](https://www.cve.org/CVERecord?id=CVE-2026-48708)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-48708) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-24T20:02:14.810358Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/10b19d20-1371-425a-a757-d2f1d7093535/export</guid>
      <pubDate>Wed, 24 Jun 2026 20:02:14 +0000</pubDate>
    </item>
    <item>
      <title>7063a9f8-32ad-4029-8c0d-714494ed320b</title>
      <link>https://vulnerability.circl.lu/sighting/7063a9f8-32ad-4029-8c0d-714494ed320b/export</link>
      <description>{"uuid": "7063a9f8-32ad-4029-8c0d-714494ed320b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48708", "type": "seen", "source": "https://gist.github.com/alon710/cb59405487e5944ed006860e5bc630ab", "content": "# CVE-2026-48708: CVE-2026-48708: Concurrent Template Parsing Race Condition in OliveTin leading to Cross-Request Command Contamination\n\n&amp;gt; **CVSS Score:** 7.5\n&amp;gt; **Published:** 2026-06-24\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-48708\n\n## Summary\nCVE-2026-48708 details a critical concurrency synchronization flaw in OliveTin versions &amp;lt; 3000.13.0. A shared package-level text/template.Template instance is accessed concurrently across multiple goroutines without proper synchronization. When concurrent request processing occurs, a race condition causes Go runtime panics or command contamination across separate sessions, enabling denial of service or execution of contaminated commands.\n\n## TL;DR\nA concurrent template parsing race condition in OliveTin allows authenticated users to crash the daemon or cause cross-request command contamination, potentially executing unauthorized commands.\n\n## Technical Details\n\n- **CWE ID**: CWE-362\n- **Attack Vector**: Network (AV:N)\n- **CVSS v3.1 Score**: 7.5 (High)\n- **EPSS Score**: 0.00349 (0.349%)\n- **Exploit Status**: None / Theoretical\n- **CISA KEV Status**: Not Listed\n- **Primary Impact**: Denial of Service / Command Contamination\n\n## Affected Systems\n\n- OliveTin versions prior to 3000.13.0\n- **OliveTin**: &amp;lt; 3000.13.0 (Fixed in: `3000.13.0`)\n\n## Mitigation\n\n- Upgrade OliveTin to version 3000.13.0 or later.\n- Implement strict rate-limiting on reverse proxies to limit concurrent execution requests to 1.\n- Restrict access to the OliveTin control panel using strong multi-factor authentication and trusted IP networks.\n\n**Remediation Steps:**\n1. Identify current OliveTin deployments running versions prior to 3000.13.0.\n2. Pull the updated Docker image or download the latest binary from the official release page: https://github.com/OliveTin/OliveTin/releases/tag/3000.13.0\n3. Deploy the update and restart the daemon to apply the template isolation patches.\n4. Validate the update by checking logs for the absence of Go concurrent map write panic traces.\n\n## References\n\n- [GitHub Security Advisory GHSA-7fq5-7wr8-rjwj](https://github.com/OliveTin/OliveTin/security/advisories/GHSA-7fq5-7wr8-rjwj)\n- [OliveTin Remediation Commit](https://github.com/OliveTin/OliveTin/commit/d74da9314005954dd49fa20dabf272247bc76519)\n- [OliveTin Release 3000.13.0](https://github.com/OliveTin/OliveTin/releases/tag/3000.13.0)\n- [CVE.org Official Record](https://www.cve.org/CVERecord?id=CVE-2026-48708)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-48708) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-24T19:54:03.179003Z"}</description>
      <content:encoded>{"uuid": "7063a9f8-32ad-4029-8c0d-714494ed320b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48708", "type": "seen", "source": "https://gist.github.com/alon710/cb59405487e5944ed006860e5bc630ab", "content": "# CVE-2026-48708: CVE-2026-48708: Concurrent Template Parsing Race Condition in OliveTin leading to Cross-Request Command Contamination\n\n&amp;gt; **CVSS Score:** 7.5\n&amp;gt; **Published:** 2026-06-24\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-48708\n\n## Summary\nCVE-2026-48708 details a critical concurrency synchronization flaw in OliveTin versions &amp;lt; 3000.13.0. A shared package-level text/template.Template instance is accessed concurrently across multiple goroutines without proper synchronization. When concurrent request processing occurs, a race condition causes Go runtime panics or command contamination across separate sessions, enabling denial of service or execution of contaminated commands.\n\n## TL;DR\nA concurrent template parsing race condition in OliveTin allows authenticated users to crash the daemon or cause cross-request command contamination, potentially executing unauthorized commands.\n\n## Technical Details\n\n- **CWE ID**: CWE-362\n- **Attack Vector**: Network (AV:N)\n- **CVSS v3.1 Score**: 7.5 (High)\n- **EPSS Score**: 0.00349 (0.349%)\n- **Exploit Status**: None / Theoretical\n- **CISA KEV Status**: Not Listed\n- **Primary Impact**: Denial of Service / Command Contamination\n\n## Affected Systems\n\n- OliveTin versions prior to 3000.13.0\n- **OliveTin**: &amp;lt; 3000.13.0 (Fixed in: `3000.13.0`)\n\n## Mitigation\n\n- Upgrade OliveTin to version 3000.13.0 or later.\n- Implement strict rate-limiting on reverse proxies to limit concurrent execution requests to 1.\n- Restrict access to the OliveTin control panel using strong multi-factor authentication and trusted IP networks.\n\n**Remediation Steps:**\n1. Identify current OliveTin deployments running versions prior to 3000.13.0.\n2. Pull the updated Docker image or download the latest binary from the official release page: https://github.com/OliveTin/OliveTin/releases/tag/3000.13.0\n3. Deploy the update and restart the daemon to apply the template isolation patches.\n4. Validate the update by checking logs for the absence of Go concurrent map write panic traces.\n\n## References\n\n- [GitHub Security Advisory GHSA-7fq5-7wr8-rjwj](https://github.com/OliveTin/OliveTin/security/advisories/GHSA-7fq5-7wr8-rjwj)\n- [OliveTin Remediation Commit](https://github.com/OliveTin/OliveTin/commit/d74da9314005954dd49fa20dabf272247bc76519)\n- [OliveTin Release 3000.13.0](https://github.com/OliveTin/OliveTin/releases/tag/3000.13.0)\n- [CVE.org Official Record](https://www.cve.org/CVERecord?id=CVE-2026-48708)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-48708) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-24T19:54:03.179003Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/7063a9f8-32ad-4029-8c0d-714494ed320b/export</guid>
      <pubDate>Wed, 24 Jun 2026 19:54:03 +0000</pubDate>
    </item>
    <item>
      <title>a2146757-f5ab-430e-bd03-70b0f1bac47c</title>
      <link>https://vulnerability.circl.lu/sighting/a2146757-f5ab-430e-bd03-70b0f1bac47c/export</link>
      <description>{"uuid": "a2146757-f5ab-430e-bd03-70b0f1bac47c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48709", "type": "seen", "source": "https://gist.github.com/alon710/1366cab1be37fd922161593dd6bd5218", "content": "# CVE-2026-48709: CVE-2026-48709: Missing Authorization in OliveTin ValidateArgumentType RPC Endpoint\n\n&amp;gt; **CVSS Score:** 3.7\n&amp;gt; **Published:** 2026-06-24\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-48709\n\n## Summary\nA missing authorization vulnerability in the OliveTin system allows unauthenticated remote actors to query the ValidateArgumentType RPC endpoint. By exploiting this flaw, attackers can execute systematic brute-force and side-channel validation attacks to enumerate active action binding IDs, parameter structures, and operational metadata, bypassing configured guest authentication barriers.\n\n## TL;DR\nOliveTin prior to version 3000.13.0 exposes its ValidateArgumentType API endpoint to unauthenticated guest users. Remote attackers can leverage this missing access control to execute oracle-style enumeration attacks, mapping out administrative action binding IDs and parameter requirements.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-862\n- **Attack Vector**: Network (AV:N)\n- **CVSS v3.1**: 3.7\n- **EPSS Score**: 0.00269\n- **Impact**: Low (Information Disclosure / Reconnaissance)\n- **Exploit Status**: Proof of Concept (PoC) documented\n- **KEV Status**: Not listed in CISA KEV\n\n## Affected Systems\n\n- OliveTin (All versions prior to 3000.13.0)\n- **OliveTin**: &amp;lt; 3000.13.0 (Fixed in: `3000.13.0`)\n\n## Mitigation\n\n- Upgrade OliveTin to version 3000.13.0 or later\n- Deploy a reverse proxy (Nginx/Caddy) to block access to the ValidateArgumentType RPC endpoints\n- Use high-entropy, randomized action titles to prevent brute-forcing of binding IDs\n\n**Remediation Steps:**\n1. Step 1: Identify all running OliveTin containers or binary instances in the environment.\n2. Step 2: Update the deployment configurations (Docker Compose, systemd) to reference version 3000.13.0 or higher.\n3. Step 3: If upgrade is delayed, add a location block in the reverse proxy configuration to return 403 for /api/ValidateArgumentType.\n4. Step 4: Audit existing action titles and rewrite highly predictable names using high-entropy suffixes.\n\n## References\n\n- [GHSA-f637-w7p2-m7fx: OliveTin Missing Authorization in ValidateArgumentType](https://github.com/OliveTin/OliveTin/security/advisories/GHSA-f637-w7p2-m7fx)\n- [NVD - CVE-2026-48709 Detail](https://nvd.nist.gov/vuln/detail/CVE-2026-48709)\n- [OliveTin GitHub Project Page](https://github.com/OliveTin/OliveTin)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-48709) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-24T19:04:03.100639Z"}</description>
      <content:encoded>{"uuid": "a2146757-f5ab-430e-bd03-70b0f1bac47c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48709", "type": "seen", "source": "https://gist.github.com/alon710/1366cab1be37fd922161593dd6bd5218", "content": "# CVE-2026-48709: CVE-2026-48709: Missing Authorization in OliveTin ValidateArgumentType RPC Endpoint\n\n&amp;gt; **CVSS Score:** 3.7\n&amp;gt; **Published:** 2026-06-24\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-48709\n\n## Summary\nA missing authorization vulnerability in the OliveTin system allows unauthenticated remote actors to query the ValidateArgumentType RPC endpoint. By exploiting this flaw, attackers can execute systematic brute-force and side-channel validation attacks to enumerate active action binding IDs, parameter structures, and operational metadata, bypassing configured guest authentication barriers.\n\n## TL;DR\nOliveTin prior to version 3000.13.0 exposes its ValidateArgumentType API endpoint to unauthenticated guest users. Remote attackers can leverage this missing access control to execute oracle-style enumeration attacks, mapping out administrative action binding IDs and parameter requirements.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-862\n- **Attack Vector**: Network (AV:N)\n- **CVSS v3.1**: 3.7\n- **EPSS Score**: 0.00269\n- **Impact**: Low (Information Disclosure / Reconnaissance)\n- **Exploit Status**: Proof of Concept (PoC) documented\n- **KEV Status**: Not listed in CISA KEV\n\n## Affected Systems\n\n- OliveTin (All versions prior to 3000.13.0)\n- **OliveTin**: &amp;lt; 3000.13.0 (Fixed in: `3000.13.0`)\n\n## Mitigation\n\n- Upgrade OliveTin to version 3000.13.0 or later\n- Deploy a reverse proxy (Nginx/Caddy) to block access to the ValidateArgumentType RPC endpoints\n- Use high-entropy, randomized action titles to prevent brute-forcing of binding IDs\n\n**Remediation Steps:**\n1. Step 1: Identify all running OliveTin containers or binary instances in the environment.\n2. Step 2: Update the deployment configurations (Docker Compose, systemd) to reference version 3000.13.0 or higher.\n3. Step 3: If upgrade is delayed, add a location block in the reverse proxy configuration to return 403 for /api/ValidateArgumentType.\n4. Step 4: Audit existing action titles and rewrite highly predictable names using high-entropy suffixes.\n\n## References\n\n- [GHSA-f637-w7p2-m7fx: OliveTin Missing Authorization in ValidateArgumentType](https://github.com/OliveTin/OliveTin/security/advisories/GHSA-f637-w7p2-m7fx)\n- [NVD - CVE-2026-48709 Detail](https://nvd.nist.gov/vuln/detail/CVE-2026-48709)\n- [OliveTin GitHub Project Page](https://github.com/OliveTin/OliveTin)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-48709) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-24T19:04:03.100639Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a2146757-f5ab-430e-bd03-70b0f1bac47c/export</guid>
      <pubDate>Wed, 24 Jun 2026 19:04:03 +0000</pubDate>
    </item>
    <item>
      <title>258998c1-54ba-4029-bb11-c6cda285967b</title>
      <link>https://vulnerability.circl.lu/sighting/258998c1-54ba-4029-bb11-c6cda285967b/export</link>
      <description>{"uuid": "258998c1-54ba-4029-bb11-c6cda285967b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48709", "type": "seen", "source": "https://gist.github.com/alon710/f2b2f51072808beda8e52a43b0bdd064", "content": "# CVE-2026-48709: CVE-2026-48709: Missing Authorization in OliveTin ValidateArgumentType RPC Endpoint\n\n&amp;gt; **CVSS Score:** 3.7\n&amp;gt; **Published:** 2026-06-24\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-48709\n\n## Summary\nA missing authorization vulnerability in the OliveTin system allows unauthenticated remote actors to query the ValidateArgumentType RPC endpoint. By exploiting this flaw, attackers can execute systematic brute-force and side-channel validation attacks to enumerate active action binding IDs, parameter structures, and operational metadata, bypassing configured guest authentication barriers.\n\n## TL;DR\nOliveTin prior to version 3000.13.0 exposes its ValidateArgumentType API endpoint to unauthenticated guest users. Remote attackers can leverage this missing access control to execute oracle-style enumeration attacks, mapping out administrative action binding IDs and parameter requirements.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-862\n- **Attack Vector**: Network (AV:N)\n- **CVSS v3.1**: 3.7\n- **EPSS Score**: 0.00269\n- **Impact**: Low (Information Disclosure / Reconnaissance)\n- **Exploit Status**: Proof of Concept (PoC) documented\n- **KEV Status**: Not listed in CISA KEV\n\n## Affected Systems\n\n- OliveTin (All versions prior to 3000.13.0)\n- **OliveTin**: &amp;lt; 3000.13.0 (Fixed in: `3000.13.0`)\n\n## Mitigation\n\n- Upgrade OliveTin to version 3000.13.0 or later\n- Deploy a reverse proxy (Nginx/Caddy) to block access to the ValidateArgumentType RPC endpoints\n- Use high-entropy, randomized action titles to prevent brute-forcing of binding IDs\n\n**Remediation Steps:**\n1. Step 1: Identify all running OliveTin containers or binary instances in the environment.\n2. Step 2: Update the deployment configurations (Docker Compose, systemd) to reference version 3000.13.0 or higher.\n3. Step 3: If upgrade is delayed, add a location block in the reverse proxy configuration to return 403 for /api/ValidateArgumentType.\n4. Step 4: Audit existing action titles and rewrite highly predictable names using high-entropy suffixes.\n\n## References\n\n- [GHSA-f637-w7p2-m7fx: OliveTin Missing Authorization in ValidateArgumentType](https://github.com/OliveTin/OliveTin/security/advisories/GHSA-f637-w7p2-m7fx)\n- [NVD - CVE-2026-48709 Detail](https://nvd.nist.gov/vuln/detail/CVE-2026-48709)\n- [OliveTin GitHub Project Page](https://github.com/OliveTin/OliveTin)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-48709) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-24T18:43:21.864665Z"}</description>
      <content:encoded>{"uuid": "258998c1-54ba-4029-bb11-c6cda285967b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48709", "type": "seen", "source": "https://gist.github.com/alon710/f2b2f51072808beda8e52a43b0bdd064", "content": "# CVE-2026-48709: CVE-2026-48709: Missing Authorization in OliveTin ValidateArgumentType RPC Endpoint\n\n&amp;gt; **CVSS Score:** 3.7\n&amp;gt; **Published:** 2026-06-24\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-48709\n\n## Summary\nA missing authorization vulnerability in the OliveTin system allows unauthenticated remote actors to query the ValidateArgumentType RPC endpoint. By exploiting this flaw, attackers can execute systematic brute-force and side-channel validation attacks to enumerate active action binding IDs, parameter structures, and operational metadata, bypassing configured guest authentication barriers.\n\n## TL;DR\nOliveTin prior to version 3000.13.0 exposes its ValidateArgumentType API endpoint to unauthenticated guest users. Remote attackers can leverage this missing access control to execute oracle-style enumeration attacks, mapping out administrative action binding IDs and parameter requirements.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-862\n- **Attack Vector**: Network (AV:N)\n- **CVSS v3.1**: 3.7\n- **EPSS Score**: 0.00269\n- **Impact**: Low (Information Disclosure / Reconnaissance)\n- **Exploit Status**: Proof of Concept (PoC) documented\n- **KEV Status**: Not listed in CISA KEV\n\n## Affected Systems\n\n- OliveTin (All versions prior to 3000.13.0)\n- **OliveTin**: &amp;lt; 3000.13.0 (Fixed in: `3000.13.0`)\n\n## Mitigation\n\n- Upgrade OliveTin to version 3000.13.0 or later\n- Deploy a reverse proxy (Nginx/Caddy) to block access to the ValidateArgumentType RPC endpoints\n- Use high-entropy, randomized action titles to prevent brute-forcing of binding IDs\n\n**Remediation Steps:**\n1. Step 1: Identify all running OliveTin containers or binary instances in the environment.\n2. Step 2: Update the deployment configurations (Docker Compose, systemd) to reference version 3000.13.0 or higher.\n3. Step 3: If upgrade is delayed, add a location block in the reverse proxy configuration to return 403 for /api/ValidateArgumentType.\n4. Step 4: Audit existing action titles and rewrite highly predictable names using high-entropy suffixes.\n\n## References\n\n- [GHSA-f637-w7p2-m7fx: OliveTin Missing Authorization in ValidateArgumentType](https://github.com/OliveTin/OliveTin/security/advisories/GHSA-f637-w7p2-m7fx)\n- [NVD - CVE-2026-48709 Detail](https://nvd.nist.gov/vuln/detail/CVE-2026-48709)\n- [OliveTin GitHub Project Page](https://github.com/OliveTin/OliveTin)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-48709) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-24T18:43:21.864665Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/258998c1-54ba-4029-bb11-c6cda285967b/export</guid>
      <pubDate>Wed, 24 Jun 2026 18:43:21 +0000</pubDate>
    </item>
    <item>
      <title>ee9567de-ac9f-4c30-b983-6635cfdeb129</title>
      <link>https://vulnerability.circl.lu/sighting/ee9567de-ac9f-4c30-b983-6635cfdeb129/export</link>
      <description>{"uuid": "ee9567de-ac9f-4c30-b983-6635cfdeb129", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48708", "type": "published-proof-of-concept", "source": "https://github.com/OliveTin/OliveTin/security/advisories/GHSA-7fq5-7wr8-rjwj", "content": "", "creation_timestamp": "2026-06-24T18:35:07.665338Z"}</description>
      <content:encoded>{"uuid": "ee9567de-ac9f-4c30-b983-6635cfdeb129", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48708", "type": "published-proof-of-concept", "source": "https://github.com/OliveTin/OliveTin/security/advisories/GHSA-7fq5-7wr8-rjwj", "content": "", "creation_timestamp": "2026-06-24T18:35:07.665338Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ee9567de-ac9f-4c30-b983-6635cfdeb129/export</guid>
      <pubDate>Wed, 24 Jun 2026 18:35:07 +0000</pubDate>
    </item>
    <item>
      <title>cd8be0af-a6ff-42c3-a67b-af9d1f1f68e1</title>
      <link>https://vulnerability.circl.lu/sighting/cd8be0af-a6ff-42c3-a67b-af9d1f1f68e1/export</link>
      <description>{"uuid": "cd8be0af-a6ff-42c3-a67b-af9d1f1f68e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48709", "type": "published-proof-of-concept", "source": "https://github.com/OliveTin/OliveTin/security/advisories/GHSA-f637-w7p2-m7fx", "content": "", "creation_timestamp": "2026-06-24T18:35:05.246942Z"}</description>
      <content:encoded>{"uuid": "cd8be0af-a6ff-42c3-a67b-af9d1f1f68e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48709", "type": "published-proof-of-concept", "source": "https://github.com/OliveTin/OliveTin/security/advisories/GHSA-f637-w7p2-m7fx", "content": "", "creation_timestamp": "2026-06-24T18:35:05.246942Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/cd8be0af-a6ff-42c3-a67b-af9d1f1f68e1/export</guid>
      <pubDate>Wed, 24 Jun 2026 18:35:05 +0000</pubDate>
    </item>
    <item>
      <title>e139f191-2831-438b-ad3b-a67df7c60117</title>
      <link>https://vulnerability.circl.lu/sighting/e139f191-2831-438b-ad3b-a67df7c60117/export</link>
      <description>{"uuid": "e139f191-2831-438b-ad3b-a67df7c60117", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48700", "type": "seen", "source": "https://bsky.app/profile/matoken.inari.opencocon.org.ap.brid.gy/post/3mmmusivcvso2", "content": "\u6700\u8fd1\u4f7f\u3063\u3066\u3044\u308b\u30d5\u30a1\u30a4\u30e9\u30fc\u306bCVE\u304c\n\nCVE Record: CVE-2026-48700 https://www.cve.org/CVERecord?id=CVE-2026-48700", "creation_timestamp": "2026-05-24T21:10:32.389712Z"}</description>
      <content:encoded>{"uuid": "e139f191-2831-438b-ad3b-a67df7c60117", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48700", "type": "seen", "source": "https://bsky.app/profile/matoken.inari.opencocon.org.ap.brid.gy/post/3mmmusivcvso2", "content": "\u6700\u8fd1\u4f7f\u3063\u3066\u3044\u308b\u30d5\u30a1\u30a4\u30e9\u30fc\u306bCVE\u304c\n\nCVE Record: CVE-2026-48700 https://www.cve.org/CVERecord?id=CVE-2026-48700", "creation_timestamp": "2026-05-24T21:10:32.389712Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e139f191-2831-438b-ad3b-a67df7c60117/export</guid>
      <pubDate>Sun, 24 May 2026 21:10:32 +0000</pubDate>
    </item>
    <item>
      <title>f0021020-7669-4e3e-af43-c2729fbbcc5c</title>
      <link>https://vulnerability.circl.lu/sighting/f0021020-7669-4e3e-af43-c2729fbbcc5c/export</link>
      <description>{"uuid": "f0021020-7669-4e3e-af43-c2729fbbcc5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48700", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmi2fe6z5d2h", "content": "CVE-2026-48700 - PCManFM-Qt File Path URI Execution\nCVE ID : CVE-2026-48700\n \n Published : May 22, 2026, 6:43 p.m. | 1\u00a0hour, 37\u00a0minutes ago\n \n Description : An issue was discovered in all versions of PCManFM-Qt starting from 1.1.0. When a regular file's path is passed as a URI...", "creation_timestamp": "2026-05-22T23:07:23.664837Z"}</description>
      <content:encoded>{"uuid": "f0021020-7669-4e3e-af43-c2729fbbcc5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48700", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmi2fe6z5d2h", "content": "CVE-2026-48700 - PCManFM-Qt File Path URI Execution\nCVE ID : CVE-2026-48700\n \n Published : May 22, 2026, 6:43 p.m. | 1\u00a0hour, 37\u00a0minutes ago\n \n Description : An issue was discovered in all versions of PCManFM-Qt starting from 1.1.0. When a regular file's path is passed as a URI...", "creation_timestamp": "2026-05-22T23:07:23.664837Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/f0021020-7669-4e3e-af43-c2729fbbcc5c/export</guid>
      <pubDate>Fri, 22 May 2026 23:07:23 +0000</pubDate>
    </item>
  </channel>
</rss>
