<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sun, 12 Jul 2026 07:02:48 +0000</lastBuildDate>
    <item>
      <title>3518f243-35a6-47a5-b169-f6c2cb16f74a</title>
      <link>https://vulnerability.circl.lu/sighting/3518f243-35a6-47a5-b169-f6c2cb16f74a/export</link>
      <description>{"uuid": "3518f243-35a6-47a5-b169-f6c2cb16f74a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49276", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqaitinknm27", "content": "CVE-2026-49276 - Kirby: Self cross-site scripting (self-XSS) in the writer field\nCVE ID : CVE-2026-49276\n \n Published : July 9, 2026, 7:17 p.m. | 31\u00a0minutes ago\n \n Description : Kirby is an open-source content management system. Prior to 4.9.4 and 5.4.4, Kirby sites using the ...", "creation_timestamp": "2026-07-09T20:45:07.003904Z"}</description>
      <content:encoded>{"uuid": "3518f243-35a6-47a5-b169-f6c2cb16f74a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49276", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqaitinknm27", "content": "CVE-2026-49276 - Kirby: Self cross-site scripting (self-XSS) in the writer field\nCVE ID : CVE-2026-49276\n \n Published : July 9, 2026, 7:17 p.m. | 31\u00a0minutes ago\n \n Description : Kirby is an open-source content management system. Prior to 4.9.4 and 5.4.4, Kirby sites using the ...", "creation_timestamp": "2026-07-09T20:45:07.003904Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3518f243-35a6-47a5-b169-f6c2cb16f74a/export</guid>
      <pubDate>Thu, 09 Jul 2026 20:45:07 +0000</pubDate>
    </item>
    <item>
      <title>aabc1808-4ce2-480e-9eb4-5b1f17cc0e07</title>
      <link>https://vulnerability.circl.lu/sighting/aabc1808-4ce2-480e-9eb4-5b1f17cc0e07/export</link>
      <description>{"uuid": "aabc1808-4ce2-480e-9eb4-5b1f17cc0e07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49274", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqag5munyo2x", "content": "CVE-2026-49274 - Kirby: `pages.access` permission is not checked in the pages picker for parent pages\nCVE ID : CVE-2026-49274\n \n Published : July 9, 2026, 7:17 p.m. | 31\u00a0minutes ago\n \n Description : Kirby is an open-source content management system. Prior to 4.9.4 and 5.4.4, K...", "creation_timestamp": "2026-07-09T19:57:06.707012Z"}</description>
      <content:encoded>{"uuid": "aabc1808-4ce2-480e-9eb4-5b1f17cc0e07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49274", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqag5munyo2x", "content": "CVE-2026-49274 - Kirby: `pages.access` permission is not checked in the pages picker for parent pages\nCVE ID : CVE-2026-49274\n \n Published : July 9, 2026, 7:17 p.m. | 31\u00a0minutes ago\n \n Description : Kirby is an open-source content management system. Prior to 4.9.4 and 5.4.4, K...", "creation_timestamp": "2026-07-09T19:57:06.707012Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/aabc1808-4ce2-480e-9eb4-5b1f17cc0e07/export</guid>
      <pubDate>Thu, 09 Jul 2026 19:57:06 +0000</pubDate>
    </item>
    <item>
      <title>5e9a7182-2714-4ef1-a0e2-c23965917b00</title>
      <link>https://vulnerability.circl.lu/sighting/5e9a7182-2714-4ef1-a0e2-c23965917b00/export</link>
      <description>{"uuid": "5e9a7182-2714-4ef1-a0e2-c23965917b00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49270", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mphhukusr22j", "content": "CVE-2026-50750: Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire DoS following fix for CVE-2026-49270", "creation_timestamp": "2026-06-29T21:51:14.668184Z"}</description>
      <content:encoded>{"uuid": "5e9a7182-2714-4ef1-a0e2-c23965917b00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49270", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mphhukusr22j", "content": "CVE-2026-50750: Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire DoS following fix for CVE-2026-49270", "creation_timestamp": "2026-06-29T21:51:14.668184Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/5e9a7182-2714-4ef1-a0e2-c23965917b00/export</guid>
      <pubDate>Mon, 29 Jun 2026 21:51:14 +0000</pubDate>
    </item>
    <item>
      <title>518e9760-c061-453d-9189-49661304cb85</title>
      <link>https://vulnerability.circl.lu/sighting/518e9760-c061-453d-9189-49661304cb85/export</link>
      <description>{"uuid": "518e9760-c061-453d-9189-49661304cb85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49277", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp2ztnvgtv22", "content": "CVE-2026-49277 - Rocket.Chat: OAuth access and refresh tokens remain valid after account deactivation\nCVE ID : CVE-2026-49277\n \n Published : June 24, 2026, 9:04 p.m. | 40\u00a0minutes ago\n \n Description : Rocket.Chat is an open-source, secure, fully customizable communications plat...", "creation_timestamp": "2026-06-24T23:08:15.567316Z"}</description>
      <content:encoded>{"uuid": "518e9760-c061-453d-9189-49661304cb85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49277", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp2ztnvgtv22", "content": "CVE-2026-49277 - Rocket.Chat: OAuth access and refresh tokens remain valid after account deactivation\nCVE ID : CVE-2026-49277\n \n Published : June 24, 2026, 9:04 p.m. | 40\u00a0minutes ago\n \n Description : Rocket.Chat is an open-source, secure, fully customizable communications plat...", "creation_timestamp": "2026-06-24T23:08:15.567316Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/518e9760-c061-453d-9189-49661304cb85/export</guid>
      <pubDate>Wed, 24 Jun 2026 23:08:15 +0000</pubDate>
    </item>
    <item>
      <title>61644b6a-9311-4160-9a52-61e28bbd6837</title>
      <link>https://vulnerability.circl.lu/sighting/61644b6a-9311-4160-9a52-61e28bbd6837/export</link>
      <description>{"uuid": "61644b6a-9311-4160-9a52-61e28bbd6837", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49278", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp2xvn64o72k", "content": "CVE-2026-49278 - Rocket.Chat: Livechat Visitor Profile Disclosure Leaks Bearer Token and Enables Visitor Impersonation\nCVE ID : CVE-2026-49278\n \n Published : June 24, 2026, 9:05 p.m. | 39\u00a0minutes ago\n \n Description : Rocket.Chat is an open-source, secure, fully customizable co...", "creation_timestamp": "2026-06-24T22:33:33.918767Z"}</description>
      <content:encoded>{"uuid": "61644b6a-9311-4160-9a52-61e28bbd6837", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49278", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp2xvn64o72k", "content": "CVE-2026-49278 - Rocket.Chat: Livechat Visitor Profile Disclosure Leaks Bearer Token and Enables Visitor Impersonation\nCVE ID : CVE-2026-49278\n \n Published : June 24, 2026, 9:05 p.m. | 39\u00a0minutes ago\n \n Description : Rocket.Chat is an open-source, secure, fully customizable co...", "creation_timestamp": "2026-06-24T22:33:33.918767Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/61644b6a-9311-4160-9a52-61e28bbd6837/export</guid>
      <pubDate>Wed, 24 Jun 2026 22:33:33 +0000</pubDate>
    </item>
    <item>
      <title>3e94271b-e7a9-4d3a-ae70-64737d4eeecb</title>
      <link>https://vulnerability.circl.lu/sighting/3e94271b-e7a9-4d3a-ae70-64737d4eeecb/export</link>
      <description>{"uuid": "3e94271b-e7a9-4d3a-ae70-64737d4eeecb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49270", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mn652dgcga27", "content": "CVE-2026-49270: Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Durable Subscription Disclosure via Crafted BrokerInfo (OpenWire)", "creation_timestamp": "2026-05-31T17:53:16.410663Z"}</description>
      <content:encoded>{"uuid": "3e94271b-e7a9-4d3a-ae70-64737d4eeecb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49270", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mn652dgcga27", "content": "CVE-2026-49270: Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Durable Subscription Disclosure via Crafted BrokerInfo (OpenWire)", "creation_timestamp": "2026-05-31T17:53:16.410663Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3e94271b-e7a9-4d3a-ae70-64737d4eeecb/export</guid>
      <pubDate>Sun, 31 May 2026 17:53:16 +0000</pubDate>
    </item>
    <item>
      <title>ad121f4e-710e-49e2-87ea-4073368bfba1</title>
      <link>https://vulnerability.circl.lu/sighting/ad121f4e-710e-49e2-87ea-4073368bfba1/export</link>
      <description>{"uuid": "ad121f4e-710e-49e2-87ea-4073368bfba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-49279", "type": "published-proof-of-concept", "source": "https://github.com/WWBN/AVideo/security/advisories/GHSA-2fhx-q92v-5fhv", "content": "", "creation_timestamp": "2026-05-25T12:28:08.000000Z"}</description>
      <content:encoded>{"uuid": "ad121f4e-710e-49e2-87ea-4073368bfba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-49279", "type": "published-proof-of-concept", "source": "https://github.com/WWBN/AVideo/security/advisories/GHSA-2fhx-q92v-5fhv", "content": "", "creation_timestamp": "2026-05-25T12:28:08.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ad121f4e-710e-49e2-87ea-4073368bfba1/export</guid>
      <pubDate>Mon, 25 May 2026 12:28:08 +0000</pubDate>
    </item>
  </channel>
</rss>
