<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Wed, 01 Jul 2026 12:37:56 +0000</lastBuildDate>
    <item>
      <title>50737862-d356-4204-89e4-a38e3ae7af2b</title>
      <link>https://vulnerability.circl.lu/sighting/50737862-d356-4204-89e4-a38e3ae7af2b/export</link>
      <description>{"uuid": "50737862-d356-4204-89e4-a38e3ae7af2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48769", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3mpkhz3v4sb2v", "content": "Six Incus vulnerabilities, all rated CVSS 9.9, are fixed in v7.2.0. CVE-2026-48769 and CVE-2026-48755 enable root attacks. Update now.\n\n#Incus #LinuxContainers #ContainerSecurity #CVE #Potatosecurity #Infosec", "creation_timestamp": "2026-07-01T02:31:46.064315Z"}</description>
      <content:encoded>{"uuid": "50737862-d356-4204-89e4-a38e3ae7af2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48769", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3mpkhz3v4sb2v", "content": "Six Incus vulnerabilities, all rated CVSS 9.9, are fixed in v7.2.0. CVE-2026-48769 and CVE-2026-48755 enable root attacks. Update now.\n\n#Incus #LinuxContainers #ContainerSecurity #CVE #Potatosecurity #Infosec", "creation_timestamp": "2026-07-01T02:31:46.064315Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/50737862-d356-4204-89e4-a38e3ae7af2b/export</guid>
      <pubDate>Wed, 01 Jul 2026 02:31:46 +0000</pubDate>
    </item>
    <item>
      <title>d270cb48-fedc-4ebf-9fb5-d388ada09c50</title>
      <link>https://vulnerability.circl.lu/sighting/d270cb48-fedc-4ebf-9fb5-d388ada09c50/export</link>
      <description>{"uuid": "d270cb48-fedc-4ebf-9fb5-d388ada09c50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48769", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mpkh3n7jjr2b", "content": "Six Incus vulnerabilities, all rated CVSS 9.9, are fixed in v7.2.0. CVE-2026-48769 and CVE-2026-48755 enable root attacks. Update now.\n\n#Incus #LinuxContainers #ContainerSecurity #CVE #Cybersecurity #Infosec", "creation_timestamp": "2026-07-01T02:15:18.004238Z"}</description>
      <content:encoded>{"uuid": "d270cb48-fedc-4ebf-9fb5-d388ada09c50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48769", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mpkh3n7jjr2b", "content": "Six Incus vulnerabilities, all rated CVSS 9.9, are fixed in v7.2.0. CVE-2026-48769 and CVE-2026-48755 enable root attacks. Update now.\n\n#Incus #LinuxContainers #ContainerSecurity #CVE #Cybersecurity #Infosec", "creation_timestamp": "2026-07-01T02:15:18.004238Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d270cb48-fedc-4ebf-9fb5-d388ada09c50/export</guid>
      <pubDate>Wed, 01 Jul 2026 02:15:18 +0000</pubDate>
    </item>
    <item>
      <title>34a4c33e-5162-4e8e-8893-b695b604eb84</title>
      <link>https://vulnerability.circl.lu/sighting/34a4c33e-5162-4e8e-8893-b695b604eb84/export</link>
      <description>{"uuid": "34a4c33e-5162-4e8e-8893-b695b604eb84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48769", "type": "published-proof-of-concept", "source": "https://github.com/lxc/incus/security/advisories/GHSA-f6m5-xw2g-xc4x", "content": "", "creation_timestamp": "2026-06-26T20:35:07.965046Z"}</description>
      <content:encoded>{"uuid": "34a4c33e-5162-4e8e-8893-b695b604eb84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48769", "type": "published-proof-of-concept", "source": "https://github.com/lxc/incus/security/advisories/GHSA-f6m5-xw2g-xc4x", "content": "", "creation_timestamp": "2026-06-26T20:35:07.965046Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/34a4c33e-5162-4e8e-8893-b695b604eb84/export</guid>
      <pubDate>Fri, 26 Jun 2026 20:35:07 +0000</pubDate>
    </item>
    <item>
      <title>79f4e9af-11b9-4be1-ab51-61cf0b7d56bb</title>
      <link>https://vulnerability.circl.lu/sighting/79f4e9af-11b9-4be1-ab51-61cf0b7d56bb/export</link>
      <description>{"uuid": "79f4e9af-11b9-4be1-ab51-61cf0b7d56bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48768", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3monjhbwh4p2c", "content": "CVE-2026-48768 - Critical XSS in Typebot. Unauthenticated file upload to arbitrary S3 paths. Malicious HTML/SVG/JS can be injected into other tenants' results. CVSS 9.3. No patch available. Disable file input blocks immediately. #CVE #Typeb...\n\nhttps://www.valtersit.com/cve/CVE-2026-48768/", "creation_timestamp": "2026-06-19T14:10:24.329546Z"}</description>
      <content:encoded>{"uuid": "79f4e9af-11b9-4be1-ab51-61cf0b7d56bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48768", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3monjhbwh4p2c", "content": "CVE-2026-48768 - Critical XSS in Typebot. Unauthenticated file upload to arbitrary S3 paths. Malicious HTML/SVG/JS can be injected into other tenants' results. CVSS 9.3. No patch available. Disable file input blocks immediately. #CVE #Typeb...\n\nhttps://www.valtersit.com/cve/CVE-2026-48768/", "creation_timestamp": "2026-06-19T14:10:24.329546Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/79f4e9af-11b9-4be1-ab51-61cf0b7d56bb/export</guid>
      <pubDate>Fri, 19 Jun 2026 14:10:24 +0000</pubDate>
    </item>
    <item>
      <title>09cd4b87-7bb3-4d71-bc38-9dc53a7675c4</title>
      <link>https://vulnerability.circl.lu/sighting/09cd4b87-7bb3-4d71-bc38-9dc53a7675c4/export</link>
      <description>{"uuid": "09cd4b87-7bb3-4d71-bc38-9dc53a7675c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48764", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mojq3sxmct2k", "content": "CVE-2026-48764 - TypeBot has SSRF in HTTP request and script fetch flows via DNS rebinding bypass\nCVE ID : CVE-2026-48764\n \n Published : June 17, 2026, 11:29 p.m. | 2\u00a0hours, 12\u00a0minutes ago\n \n Description : TypeBot is a chatbot builder tool. In versions prior to 3.17.2, SSRF va...", "creation_timestamp": "2026-06-18T01:58:35.796568Z"}</description>
      <content:encoded>{"uuid": "09cd4b87-7bb3-4d71-bc38-9dc53a7675c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48764", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mojq3sxmct2k", "content": "CVE-2026-48764 - TypeBot has SSRF in HTTP request and script fetch flows via DNS rebinding bypass\nCVE ID : CVE-2026-48764\n \n Published : June 17, 2026, 11:29 p.m. | 2\u00a0hours, 12\u00a0minutes ago\n \n Description : TypeBot is a chatbot builder tool. In versions prior to 3.17.2, SSRF va...", "creation_timestamp": "2026-06-18T01:58:35.796568Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/09cd4b87-7bb3-4d71-bc38-9dc53a7675c4/export</guid>
      <pubDate>Thu, 18 Jun 2026 01:58:35 +0000</pubDate>
    </item>
    <item>
      <title>ee002f14-9a62-4965-a3e3-918b43fe2c89</title>
      <link>https://vulnerability.circl.lu/sighting/ee002f14-9a62-4965-a3e3-918b43fe2c89/export</link>
      <description>{"uuid": "ee002f14-9a62-4965-a3e3-918b43fe2c89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48768", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mojpsuhhbw2z", "content": "CVE-2026-48768 - TypeBot: Unauthenticated arbitrary s3 object write in generate-upload-url via unsanitized fileName\nCVE ID : CVE-2026-48768\n \n Published : June 17, 2026, 11:13 p.m. | 2\u00a0hours, 28\u00a0minutes ago\n \n Description : TypeBot is a chatbot builder tool. In versions 3.16.1...", "creation_timestamp": "2026-06-18T01:53:35.629006Z"}</description>
      <content:encoded>{"uuid": "ee002f14-9a62-4965-a3e3-918b43fe2c89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48768", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mojpsuhhbw2z", "content": "CVE-2026-48768 - TypeBot: Unauthenticated arbitrary s3 object write in generate-upload-url via unsanitized fileName\nCVE ID : CVE-2026-48768\n \n Published : June 17, 2026, 11:13 p.m. | 2\u00a0hours, 28\u00a0minutes ago\n \n Description : TypeBot is a chatbot builder tool. In versions 3.16.1...", "creation_timestamp": "2026-06-18T01:53:35.629006Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ee002f14-9a62-4965-a3e3-918b43fe2c89/export</guid>
      <pubDate>Thu, 18 Jun 2026 01:53:35 +0000</pubDate>
    </item>
    <item>
      <title>843b6ed7-1e89-4a55-8fa3-19db8c317090</title>
      <link>https://vulnerability.circl.lu/sighting/843b6ed7-1e89-4a55-8fa3-19db8c317090/export</link>
      <description>{"uuid": "843b6ed7-1e89-4a55-8fa3-19db8c317090", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48768", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mojjj35nrc2t", "content": "CRITICAL alert: Path traversal in typebot.io \u22643.16.1 lets attackers upload files to public paths, risking stored XSS. Update to 3.17.0 now! https://radar.offseq.com/threat/cve-2026-48768-cwe-22-improper-limitation-of-a-pat-bab741214d20a19d #OffSeq #CVE202648768 #Security", "creation_timestamp": "2026-06-18T00:00:44.995882Z"}</description>
      <content:encoded>{"uuid": "843b6ed7-1e89-4a55-8fa3-19db8c317090", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48768", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mojjj35nrc2t", "content": "CRITICAL alert: Path traversal in typebot.io \u22643.16.1 lets attackers upload files to public paths, risking stored XSS. Update to 3.17.0 now! https://radar.offseq.com/threat/cve-2026-48768-cwe-22-improper-limitation-of-a-pat-bab741214d20a19d #OffSeq #CVE202648768 #Security", "creation_timestamp": "2026-06-18T00:00:44.995882Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/843b6ed7-1e89-4a55-8fa3-19db8c317090/export</guid>
      <pubDate>Thu, 18 Jun 2026 00:00:44 +0000</pubDate>
    </item>
    <item>
      <title>8e01f960-d638-4e1b-b290-c8d3a48f7005</title>
      <link>https://vulnerability.circl.lu/sighting/8e01f960-d638-4e1b-b290-c8d3a48f7005/export</link>
      <description>{"uuid": "8e01f960-d638-4e1b-b290-c8d3a48f7005", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48761", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmtq4e3x7q2h", "content": "\ud83d\udd17 CVE : CVE-2026-48489, CVE-2026-48736, CVE-2026-48747, CVE-2026-48760, CVE-2026-48761, CVE-2026-48784", "creation_timestamp": "2026-05-27T14:35:08.692575Z"}</description>
      <content:encoded>{"uuid": "8e01f960-d638-4e1b-b290-c8d3a48f7005", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48761", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmtq4e3x7q2h", "content": "\ud83d\udd17 CVE : CVE-2026-48489, CVE-2026-48736, CVE-2026-48747, CVE-2026-48760, CVE-2026-48761, CVE-2026-48784", "creation_timestamp": "2026-05-27T14:35:08.692575Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/8e01f960-d638-4e1b-b290-c8d3a48f7005/export</guid>
      <pubDate>Wed, 27 May 2026 14:35:08 +0000</pubDate>
    </item>
    <item>
      <title>55aef5d9-4734-4099-bb4f-53ecdbefaba5</title>
      <link>https://vulnerability.circl.lu/sighting/55aef5d9-4734-4099-bb4f-53ecdbefaba5/export</link>
      <description>{"uuid": "55aef5d9-4734-4099-bb4f-53ecdbefaba5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48760", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmtq4e3x7q2h", "content": "\ud83d\udd17 CVE : CVE-2026-48489, CVE-2026-48736, CVE-2026-48747, CVE-2026-48760, CVE-2026-48761, CVE-2026-48784", "creation_timestamp": "2026-05-27T14:35:08.533971Z"}</description>
      <content:encoded>{"uuid": "55aef5d9-4734-4099-bb4f-53ecdbefaba5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48760", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmtq4e3x7q2h", "content": "\ud83d\udd17 CVE : CVE-2026-48489, CVE-2026-48736, CVE-2026-48747, CVE-2026-48760, CVE-2026-48761, CVE-2026-48784", "creation_timestamp": "2026-05-27T14:35:08.533971Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/55aef5d9-4734-4099-bb4f-53ecdbefaba5/export</guid>
      <pubDate>Wed, 27 May 2026 14:35:08 +0000</pubDate>
    </item>
    <item>
      <title>620a7ab4-1406-4155-b03e-4acfc04f03d3</title>
      <link>https://vulnerability.circl.lu/sighting/620a7ab4-1406-4155-b03e-4acfc04f03d3/export</link>
      <description>{"uuid": "620a7ab4-1406-4155-b03e-4acfc04f03d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48761", "type": "seen", "source": "https://bsky.app/profile/symfony.com/post/3mmtaxsaqpf2h", "content": "\ud83d\udd10 CVE-2026-48761: HtmlSanitizer Misses URL Attributes on object, applet, iframe, img and meta refresh\n\u27a1\ufe0f https://symfony.com/blog/cve-2026-48761-htmlsanitizer-misses-url-attributes-on-object-applet-iframe-img-and-meta-refresh", "creation_timestamp": "2026-05-27T10:04:08.651245Z"}</description>
      <content:encoded>{"uuid": "620a7ab4-1406-4155-b03e-4acfc04f03d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48761", "type": "seen", "source": "https://bsky.app/profile/symfony.com/post/3mmtaxsaqpf2h", "content": "\ud83d\udd10 CVE-2026-48761: HtmlSanitizer Misses URL Attributes on object, applet, iframe, img and meta refresh\n\u27a1\ufe0f https://symfony.com/blog/cve-2026-48761-htmlsanitizer-misses-url-attributes-on-object-applet-iframe-img-and-meta-refresh", "creation_timestamp": "2026-05-27T10:04:08.651245Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/620a7ab4-1406-4155-b03e-4acfc04f03d3/export</guid>
      <pubDate>Wed, 27 May 2026 10:04:08 +0000</pubDate>
    </item>
  </channel>
</rss>
