<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sat, 11 Jul 2026 17:20:29 +0000</lastBuildDate>
    <item>
      <title>d80efb7e-af4a-4eef-93af-20726a16bd2c</title>
      <link>https://vulnerability.circl.lu/sighting/d80efb7e-af4a-4eef-93af-20726a16bd2c/export</link>
      <description>{"uuid": "d80efb7e-af4a-4eef-93af-20726a16bd2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53511", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdggb7dsr2a", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-53511 \u0432 Calibre: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0445 \u043a\u043d\u0438\u0433\n\n\n\nhttps://kripta.biz/posts/A90DDFE8-46DE-4692-95E1-A8817D9098B9", "creation_timestamp": "2026-07-11T00:39:53.811450Z"}</description>
      <content:encoded>{"uuid": "d80efb7e-af4a-4eef-93af-20726a16bd2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53511", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdggb7dsr2a", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-53511 \u0432 Calibre: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0445 \u043a\u043d\u0438\u0433\n\n\n\nhttps://kripta.biz/posts/A90DDFE8-46DE-4692-95E1-A8817D9098B9", "creation_timestamp": "2026-07-11T00:39:53.811450Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d80efb7e-af4a-4eef-93af-20726a16bd2c/export</guid>
      <pubDate>Sat, 11 Jul 2026 00:39:53 +0000</pubDate>
    </item>
    <item>
      <title>f4b83df8-0ebb-4326-8176-09f130f988d9</title>
      <link>https://vulnerability.circl.lu/sighting/f4b83df8-0ebb-4326-8176-09f130f988d9/export</link>
      <description>{"uuid": "f4b83df8-0ebb-4326-8176-09f130f988d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53511", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq3quv37dx2k", "content": "CVE-2026-53511 - calibre: Arbitrary Code Execution in Template Formatter via Book Metadata\nCVE ID : CVE-2026-53511\n \n Published : July 7, 2026, 9:17 p.m. | 1\u00a0hour, 57\u00a0minutes ago\n \n Description : calibre is an e-book manager. Prior to 9.10.0, a malicious EPUB, OPF, or PDF file...", "creation_timestamp": "2026-07-07T23:25:43.880068Z"}</description>
      <content:encoded>{"uuid": "f4b83df8-0ebb-4326-8176-09f130f988d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53511", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq3quv37dx2k", "content": "CVE-2026-53511 - calibre: Arbitrary Code Execution in Template Formatter via Book Metadata\nCVE ID : CVE-2026-53511\n \n Published : July 7, 2026, 9:17 p.m. | 1\u00a0hour, 57\u00a0minutes ago\n \n Description : calibre is an e-book manager. Prior to 9.10.0, a malicious EPUB, OPF, or PDF file...", "creation_timestamp": "2026-07-07T23:25:43.880068Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/f4b83df8-0ebb-4326-8176-09f130f988d9/export</guid>
      <pubDate>Tue, 07 Jul 2026 23:25:43 +0000</pubDate>
    </item>
    <item>
      <title>12f1bc61-7865-41d0-91cf-64bcf28ec9fb</title>
      <link>https://vulnerability.circl.lu/sighting/12f1bc61-7865-41d0-91cf-64bcf28ec9fb/export</link>
      <description>{"uuid": "12f1bc61-7865-41d0-91cf-64bcf28ec9fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53518", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq3lgclew62b", "content": "CVE-2026-53518 - oauth-provider\nThe Better Auth OAuth Provider, used in some applications, can issue duplicate access tokens if two requests for the same authorization code are made at the same\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#oauthprovider #betterauth #npm #CVE #infosec", "creation_timestamp": "2026-07-07T21:48:06.588213Z"}</description>
      <content:encoded>{"uuid": "12f1bc61-7865-41d0-91cf-64bcf28ec9fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53518", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq3lgclew62b", "content": "CVE-2026-53518 - oauth-provider\nThe Better Auth OAuth Provider, used in some applications, can issue duplicate access tokens if two requests for the same authorization code are made at the same\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#oauthprovider #betterauth #npm #CVE #infosec", "creation_timestamp": "2026-07-07T21:48:06.588213Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/12f1bc61-7865-41d0-91cf-64bcf28ec9fb/export</guid>
      <pubDate>Tue, 07 Jul 2026 21:48:06 +0000</pubDate>
    </item>
    <item>
      <title>d2d60bde-c697-4efe-a9ea-1431a68e5384</title>
      <link>https://vulnerability.circl.lu/sighting/d2d60bde-c697-4efe-a9ea-1431a68e5384/export</link>
      <description>{"uuid": "d2d60bde-c697-4efe-a9ea-1431a68e5384", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53513", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq3lgb7llz25", "content": "CVE-2026-53513 - sso\nIf you're using an outdated version of the @better-auth/sso plugin, an attacker can access your server by tricking your system into making unauthorized requests. This can happen even\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#sso #betterauth #npm #CVE #infosec", "creation_timestamp": "2026-07-07T21:48:04.619993Z"}</description>
      <content:encoded>{"uuid": "d2d60bde-c697-4efe-a9ea-1431a68e5384", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53513", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq3lgb7llz25", "content": "CVE-2026-53513 - sso\nIf you're using an outdated version of the @better-auth/sso plugin, an attacker can access your server by tricking your system into making unauthorized requests. This can happen even\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#sso #betterauth #npm #CVE #infosec", "creation_timestamp": "2026-07-07T21:48:04.619993Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d2d60bde-c697-4efe-a9ea-1431a68e5384/export</guid>
      <pubDate>Tue, 07 Jul 2026 21:48:04 +0000</pubDate>
    </item>
    <item>
      <title>f07142ca-c1af-4b13-8bed-96199058bf71</title>
      <link>https://vulnerability.circl.lu/sighting/f07142ca-c1af-4b13-8bed-96199058bf71/export</link>
      <description>{"uuid": "f07142ca-c1af-4b13-8bed-96199058bf71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53512", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq3ifp5g5c2q", "content": "CVE-2026-53512 - better-auth\nSome Better Auth plugins don't verify client secrets for refresh tokens, which could allow an attacker to access sensitive data. If you use Better Auth with the oidc-provider or\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#betterauth #npm #CVE #infosec", "creation_timestamp": "2026-07-07T20:54:04.425045Z"}</description>
      <content:encoded>{"uuid": "f07142ca-c1af-4b13-8bed-96199058bf71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53512", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq3ifp5g5c2q", "content": "CVE-2026-53512 - better-auth\nSome Better Auth plugins don't verify client secrets for refresh tokens, which could allow an attacker to access sensitive data. If you use Better Auth with the oidc-provider or\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#betterauth #npm #CVE #infosec", "creation_timestamp": "2026-07-07T20:54:04.425045Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/f07142ca-c1af-4b13-8bed-96199058bf71/export</guid>
      <pubDate>Tue, 07 Jul 2026 20:54:04 +0000</pubDate>
    </item>
    <item>
      <title>e8382400-be50-4bd1-899e-03fbe2ed7bea</title>
      <link>https://vulnerability.circl.lu/sighting/e8382400-be50-4bd1-899e-03fbe2ed7bea/export</link>
      <description>{"uuid": "e8382400-be50-4bd1-899e-03fbe2ed7bea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-53519", "type": "published-proof-of-concept", "source": "https://github.com/nezhahq/nezha/security/advisories/GHSA-5c25-7vpj-9mqh", "content": "", "creation_timestamp": "2026-06-27T00:35:24.688398Z"}</description>
      <content:encoded>{"uuid": "e8382400-be50-4bd1-899e-03fbe2ed7bea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-53519", "type": "published-proof-of-concept", "source": "https://github.com/nezhahq/nezha/security/advisories/GHSA-5c25-7vpj-9mqh", "content": "", "creation_timestamp": "2026-06-27T00:35:24.688398Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e8382400-be50-4bd1-899e-03fbe2ed7bea/export</guid>
      <pubDate>Sat, 27 Jun 2026 00:35:24 +0000</pubDate>
    </item>
    <item>
      <title>d7315d11-aa87-41c0-94d6-76546d8e6341</title>
      <link>https://vulnerability.circl.lu/sighting/d7315d11-aa87-41c0-94d6-76546d8e6341/export</link>
      <description>{"uuid": "d7315d11-aa87-41c0-94d6-76546d8e6341", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-53519", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116739855858486390", "content": "\ud83d\udee1\ufe0f CVE-2026-53519: CRITICAL path traversal in Nezha Monitoring (&amp;lt;2.0.13). Unauthenticated attackers can read arbitrary files via crafted URLs. Patch to 2.0.13+ ASAP! https://radar.offseq.com/threat/cve-2026-53519-cwe-22-improper-limitation-of-a-pat-3dc4f02c #OffSeq #CVE202653519 #infosec #vuln", "creation_timestamp": "2026-06-13T00:00:43.222613Z"}</description>
      <content:encoded>{"uuid": "d7315d11-aa87-41c0-94d6-76546d8e6341", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-53519", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116739855858486390", "content": "\ud83d\udee1\ufe0f CVE-2026-53519: CRITICAL path traversal in Nezha Monitoring (&amp;lt;2.0.13). Unauthenticated attackers can read arbitrary files via crafted URLs. Patch to 2.0.13+ ASAP! https://radar.offseq.com/threat/cve-2026-53519-cwe-22-improper-limitation-of-a-pat-3dc4f02c #OffSeq #CVE202653519 #infosec #vuln", "creation_timestamp": "2026-06-13T00:00:43.222613Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d7315d11-aa87-41c0-94d6-76546d8e6341/export</guid>
      <pubDate>Sat, 13 Jun 2026 00:00:43 +0000</pubDate>
    </item>
    <item>
      <title>0802b86f-7544-4e6f-9d36-a513a2d1c2ef</title>
      <link>https://vulnerability.circl.lu/sighting/0802b86f-7544-4e6f-9d36-a513a2d1c2ef/export</link>
      <description>{"uuid": "0802b86f-7544-4e6f-9d36-a513a2d1c2ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53510", "type": "seen", "source": "https://bsky.app/profile/connorshea.bsky.social/post/3mo2egnpf5s2u", "content": "I got my first CVE ever, in a Ruby gem! :) CVE-2026-53510\n\nI found it using Claude (Opus 4.6 IIRC) and Scrutineer.\n\ngithub.com/savonrb/savo...", "creation_timestamp": "2026-06-11T23:20:00.205115Z"}</description>
      <content:encoded>{"uuid": "0802b86f-7544-4e6f-9d36-a513a2d1c2ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53510", "type": "seen", "source": "https://bsky.app/profile/connorshea.bsky.social/post/3mo2egnpf5s2u", "content": "I got my first CVE ever, in a Ruby gem! :) CVE-2026-53510\n\nI found it using Claude (Opus 4.6 IIRC) and Scrutineer.\n\ngithub.com/savonrb/savo...", "creation_timestamp": "2026-06-11T23:20:00.205115Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0802b86f-7544-4e6f-9d36-a513a2d1c2ef/export</guid>
      <pubDate>Thu, 11 Jun 2026 23:20:00 +0000</pubDate>
    </item>
  </channel>
</rss>
