<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Fri, 17 Jul 2026 00:41:17 +0000</lastBuildDate>
    <item>
      <title>4b9dfa83-27a8-4736-98a1-5d9a1eb49c39</title>
      <link>https://vulnerability.circl.lu/sighting/4b9dfa83-27a8-4736-98a1-5d9a1eb49c39/export</link>
      <description>{"uuid": "4b9dfa83-27a8-4736-98a1-5d9a1eb49c39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49988", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqpo5tfq562s", "content": "CVE-2026-49988 - Repomix: attach_packed_output can bypass file-read secret scanning for supported local files\nCVE ID : CVE-2026-49988\n \n Published : July 15, 2026, 7:17 p.m. | 17\u00a0minutes ago\n \n Description : Repomix is a tool that packs repositories into AI-friendly files. Pri...", "creation_timestamp": "2026-07-15T21:30:17.722704Z"}</description>
      <content:encoded>{"uuid": "4b9dfa83-27a8-4736-98a1-5d9a1eb49c39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49988", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqpo5tfq562s", "content": "CVE-2026-49988 - Repomix: attach_packed_output can bypass file-read secret scanning for supported local files\nCVE ID : CVE-2026-49988\n \n Published : July 15, 2026, 7:17 p.m. | 17\u00a0minutes ago\n \n Description : Repomix is a tool that packs repositories into AI-friendly files. Pri...", "creation_timestamp": "2026-07-15T21:30:17.722704Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/4b9dfa83-27a8-4736-98a1-5d9a1eb49c39/export</guid>
      <pubDate>Wed, 15 Jul 2026 21:30:17 +0000</pubDate>
    </item>
    <item>
      <title>b2d48230-66f0-4706-a478-fba59ca8f03b</title>
      <link>https://vulnerability.circl.lu/sighting/b2d48230-66f0-4706-a478-fba59ca8f03b/export</link>
      <description>{"uuid": "b2d48230-66f0-4706-a478-fba59ca8f03b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49987", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqpmqxdh3a22", "content": "CVE-2026-49987 - Repomix: Command Injection (RCE) via `--remote-branch` Argument Injection\nCVE ID : CVE-2026-49987\n \n Published : July 15, 2026, 7:17 p.m. | 17\u00a0minutes ago\n \n Description : Repomix is a tool that packs repositories into AI-friendly files. Prior to 1.14.1, src/c...", "creation_timestamp": "2026-07-15T21:05:14.149196Z"}</description>
      <content:encoded>{"uuid": "b2d48230-66f0-4706-a478-fba59ca8f03b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49987", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqpmqxdh3a22", "content": "CVE-2026-49987 - Repomix: Command Injection (RCE) via `--remote-branch` Argument Injection\nCVE ID : CVE-2026-49987\n \n Published : July 15, 2026, 7:17 p.m. | 17\u00a0minutes ago\n \n Description : Repomix is a tool that packs repositories into AI-friendly files. Prior to 1.14.1, src/c...", "creation_timestamp": "2026-07-15T21:05:14.149196Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b2d48230-66f0-4706-a478-fba59ca8f03b/export</guid>
      <pubDate>Wed, 15 Jul 2026 21:05:14 +0000</pubDate>
    </item>
    <item>
      <title>c014f0c4-4164-44ed-a9a8-1a5cf6c1be80</title>
      <link>https://vulnerability.circl.lu/sighting/c014f0c4-4164-44ed-a9a8-1a5cf6c1be80/export</link>
      <description>{"uuid": "c014f0c4-4164-44ed-a9a8-1a5cf6c1be80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49981", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqnik3mtql27", "content": "CVE-2026-49981 - Twig: Sandbox filter, tag and function allow-list bypass when sandbox state changes between renders for a cached `Template`\nCVE ID : CVE-2026-49981\n \n Published : July 14, 2026, 10:17 p.m. | 1\u00a0hour, 14\u00a0minutes ago\n \n Description : Twig is a template language f...", "creation_timestamp": "2026-07-15T00:44:27.048136Z"}</description>
      <content:encoded>{"uuid": "c014f0c4-4164-44ed-a9a8-1a5cf6c1be80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49981", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqnik3mtql27", "content": "CVE-2026-49981 - Twig: Sandbox filter, tag and function allow-list bypass when sandbox state changes between renders for a cached `Template`\nCVE ID : CVE-2026-49981\n \n Published : July 14, 2026, 10:17 p.m. | 1\u00a0hour, 14\u00a0minutes ago\n \n Description : Twig is a template language f...", "creation_timestamp": "2026-07-15T00:44:27.048136Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c014f0c4-4164-44ed-a9a8-1a5cf6c1be80/export</guid>
      <pubDate>Wed, 15 Jul 2026 00:44:27 +0000</pubDate>
    </item>
    <item>
      <title>b4205b63-3ac1-4b68-95e5-f6595ead29c3</title>
      <link>https://vulnerability.circl.lu/sighting/b4205b63-3ac1-4b68-95e5-f6595ead29c3/export</link>
      <description>{"uuid": "b4205b63-3ac1-4b68-95e5-f6595ead29c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49980", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mps7iz5uow23", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-49980 \u0432 Rclone: \u0443\u0433\u0440\u043e\u0437\u044b, \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/1B6CE41D-A8D0-4D6B-894F-6B2211C56CB8", "creation_timestamp": "2026-07-04T04:20:54.146464Z"}</description>
      <content:encoded>{"uuid": "b4205b63-3ac1-4b68-95e5-f6595ead29c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49980", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mps7iz5uow23", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-49980 \u0432 Rclone: \u0443\u0433\u0440\u043e\u0437\u044b, \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/1B6CE41D-A8D0-4D6B-894F-6B2211C56CB8", "creation_timestamp": "2026-07-04T04:20:54.146464Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b4205b63-3ac1-4b68-95e5-f6595ead29c3/export</guid>
      <pubDate>Sat, 04 Jul 2026 04:20:54 +0000</pubDate>
    </item>
    <item>
      <title>939fdd09-3c2a-41e7-b363-9da35b5a9e58</title>
      <link>https://vulnerability.circl.lu/sighting/939fdd09-3c2a-41e7-b363-9da35b5a9e58/export</link>
      <description>{"uuid": "939fdd09-3c2a-41e7-b363-9da35b5a9e58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-49986", "type": "published-proof-of-concept", "source": "https://github.com/cdeust/Cortex/security/advisories/GHSA-gvpp-v77h-5w8g", "content": "", "creation_timestamp": "2026-07-01T20:35:11.679535Z"}</description>
      <content:encoded>{"uuid": "939fdd09-3c2a-41e7-b363-9da35b5a9e58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-49986", "type": "published-proof-of-concept", "source": "https://github.com/cdeust/Cortex/security/advisories/GHSA-gvpp-v77h-5w8g", "content": "", "creation_timestamp": "2026-07-01T20:35:11.679535Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/939fdd09-3c2a-41e7-b363-9da35b5a9e58/export</guid>
      <pubDate>Wed, 01 Jul 2026 20:35:11 +0000</pubDate>
    </item>
    <item>
      <title>539f7c93-54cd-40b9-a683-aabdfed64ed5</title>
      <link>https://vulnerability.circl.lu/sighting/539f7c93-54cd-40b9-a683-aabdfed64ed5/export</link>
      <description>{"uuid": "539f7c93-54cd-40b9-a683-aabdfed64ed5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-49987", "type": "published-proof-of-concept", "source": "https://github.com/yamadashy/repomix/security/advisories/GHSA-9mm9-rqhj-j5mx", "content": "", "creation_timestamp": "2026-07-01T20:35:09.517613Z"}</description>
      <content:encoded>{"uuid": "539f7c93-54cd-40b9-a683-aabdfed64ed5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-49987", "type": "published-proof-of-concept", "source": "https://github.com/yamadashy/repomix/security/advisories/GHSA-9mm9-rqhj-j5mx", "content": "", "creation_timestamp": "2026-07-01T20:35:09.517613Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/539f7c93-54cd-40b9-a683-aabdfed64ed5/export</guid>
      <pubDate>Wed, 01 Jul 2026 20:35:09 +0000</pubDate>
    </item>
    <item>
      <title>b5c2d651-60dd-4bf2-b166-43ec2d0359df</title>
      <link>https://vulnerability.circl.lu/sighting/b5c2d651-60dd-4bf2-b166-43ec2d0359df/export</link>
      <description>{"uuid": "b5c2d651-60dd-4bf2-b166-43ec2d0359df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-49989", "type": "published-proof-of-concept", "source": "https://github.com/crate/crate/security/advisories/GHSA-2xv8-gjwh-fv8p", "content": "", "creation_timestamp": "2026-07-01T20:35:07.371743Z"}</description>
      <content:encoded>{"uuid": "b5c2d651-60dd-4bf2-b166-43ec2d0359df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-49989", "type": "published-proof-of-concept", "source": "https://github.com/crate/crate/security/advisories/GHSA-2xv8-gjwh-fv8p", "content": "", "creation_timestamp": "2026-07-01T20:35:07.371743Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b5c2d651-60dd-4bf2-b166-43ec2d0359df/export</guid>
      <pubDate>Wed, 01 Jul 2026 20:35:07 +0000</pubDate>
    </item>
    <item>
      <title>f18681de-4411-4332-b946-d69bb800366c</title>
      <link>https://vulnerability.circl.lu/sighting/f18681de-4411-4332-b946-d69bb800366c/export</link>
      <description>{"uuid": "f18681de-4411-4332-b946-d69bb800366c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49984", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mplmfdagoy2o", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-49984 \u0432 Kestra: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/AF3C7B1E-D9A9-4D34-B924-C4CE6748BF24", "creation_timestamp": "2026-07-01T13:22:51.397830Z"}</description>
      <content:encoded>{"uuid": "f18681de-4411-4332-b946-d69bb800366c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49984", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mplmfdagoy2o", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-49984 \u0432 Kestra: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/AF3C7B1E-D9A9-4D34-B924-C4CE6748BF24", "creation_timestamp": "2026-07-01T13:22:51.397830Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/f18681de-4411-4332-b946-d69bb800366c/export</guid>
      <pubDate>Wed, 01 Jul 2026 13:22:51 +0000</pubDate>
    </item>
    <item>
      <title>ee78f8fa-a397-4f18-8310-8f5614e7c26a</title>
      <link>https://vulnerability.circl.lu/sighting/ee78f8fa-a397-4f18-8310-8f5614e7c26a/export</link>
      <description>{"uuid": "ee78f8fa-a397-4f18-8310-8f5614e7c26a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49980", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mphw63pkjn2e", "content": "\ud83d\udccc CVE-2026-49980 - Rclone is a command-line program to sync files and directories to and from different cloud storage providers. From 1.46.0 until 1.74.3, rclone rcd --r... https://www.cyberhub.blog/cves/CVE-2026-49980", "creation_timestamp": "2026-06-30T02:07:07.398394Z"}</description>
      <content:encoded>{"uuid": "ee78f8fa-a397-4f18-8310-8f5614e7c26a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49980", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mphw63pkjn2e", "content": "\ud83d\udccc CVE-2026-49980 - Rclone is a command-line program to sync files and directories to and from different cloud storage providers. From 1.46.0 until 1.74.3, rclone rcd --r... https://www.cyberhub.blog/cves/CVE-2026-49980", "creation_timestamp": "2026-06-30T02:07:07.398394Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ee78f8fa-a397-4f18-8310-8f5614e7c26a/export</guid>
      <pubDate>Tue, 30 Jun 2026 02:07:07 +0000</pubDate>
    </item>
    <item>
      <title>91fe9531-304c-4c3f-b733-81ef8a7dc702</title>
      <link>https://vulnerability.circl.lu/sighting/91fe9531-304c-4c3f-b733-81ef8a7dc702/export</link>
      <description>{"uuid": "91fe9531-304c-4c3f-b733-81ef8a7dc702", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49984", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mph7b5jj2w2o", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-49984 \u0432 Kestra: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/785221D3-8475-46E9-B85D-8063FA40B9AD", "creation_timestamp": "2026-06-29T19:17:13.467505Z"}</description>
      <content:encoded>{"uuid": "91fe9531-304c-4c3f-b733-81ef8a7dc702", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49984", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mph7b5jj2w2o", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-49984 \u0432 Kestra: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/785221D3-8475-46E9-B85D-8063FA40B9AD", "creation_timestamp": "2026-06-29T19:17:13.467505Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/91fe9531-304c-4c3f-b733-81ef8a7dc702/export</guid>
      <pubDate>Mon, 29 Jun 2026 19:17:13 +0000</pubDate>
    </item>
  </channel>
</rss>
