<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Thu, 09 Jul 2026 15:49:05 +0000</lastBuildDate>
    <item>
      <title>85818079-36f4-4820-8784-d19edb3c72b5</title>
      <link>https://vulnerability.circl.lu/sighting/85818079-36f4-4820-8784-d19edb3c72b5/export</link>
      <description>{"uuid": "85818079-36f4-4820-8784-d19edb3c72b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53877", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq2yqc7v5w2x", "content": "CVE-2026-53877 - Heap buffer over-read in GDALRaster\nCVE ID : CVE-2026-53877\n \n Published : July 7, 2026, 3:16 p.m. | 31\u00a0minutes ago\n \n Description : An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16.\n`django.contrib.gis.gdal.GDALRaster` over-reads its i...", "creation_timestamp": "2026-07-07T16:13:40.107356Z"}</description>
      <content:encoded>{"uuid": "85818079-36f4-4820-8784-d19edb3c72b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53877", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq2yqc7v5w2x", "content": "CVE-2026-53877 - Heap buffer over-read in GDALRaster\nCVE ID : CVE-2026-53877\n \n Published : July 7, 2026, 3:16 p.m. | 31\u00a0minutes ago\n \n Description : An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16.\n`django.contrib.gis.gdal.GDALRaster` over-reads its i...", "creation_timestamp": "2026-07-07T16:13:40.107356Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/85818079-36f4-4820-8784-d19edb3c72b5/export</guid>
      <pubDate>Tue, 07 Jul 2026 16:13:40 +0000</pubDate>
    </item>
    <item>
      <title>35c22823-e725-4baa-b362-4c64475beedf</title>
      <link>https://vulnerability.circl.lu/sighting/35c22823-e725-4baa-b362-4c64475beedf/export</link>
      <description>{"uuid": "35c22823-e725-4baa-b362-4c64475beedf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53878", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq2y6fbxvq23", "content": "CVE-2026-53878 - Header injection possibility since DomainNameValidator accepted newlines in input\nCVE ID : CVE-2026-53878\n \n Published : July 7, 2026, 3:16 p.m. | 31\u00a0minutes ago\n \n Description : An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16.\n`Domain...", "creation_timestamp": "2026-07-07T16:03:39.183279Z"}</description>
      <content:encoded>{"uuid": "35c22823-e725-4baa-b362-4c64475beedf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53878", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq2y6fbxvq23", "content": "CVE-2026-53878 - Header injection possibility since DomainNameValidator accepted newlines in input\nCVE ID : CVE-2026-53878\n \n Published : July 7, 2026, 3:16 p.m. | 31\u00a0minutes ago\n \n Description : An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16.\n`Domain...", "creation_timestamp": "2026-07-07T16:03:39.183279Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/35c22823-e725-4baa-b362-4c64475beedf/export</guid>
      <pubDate>Tue, 07 Jul 2026 16:03:39 +0000</pubDate>
    </item>
    <item>
      <title>34883cea-f33f-42e1-b718-3bd8c8e20c2a</title>
      <link>https://vulnerability.circl.lu/sighting/34883cea-f33f-42e1-b718-3bd8c8e20c2a/export</link>
      <description>{"uuid": "34883cea-f33f-42e1-b718-3bd8c8e20c2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53878", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mq2uvi6mb22w", "content": "Django CVE-2026-48588, CVE-2026-53877, and CVE-2026-53878", "creation_timestamp": "2026-07-07T15:04:59.220724Z"}</description>
      <content:encoded>{"uuid": "34883cea-f33f-42e1-b718-3bd8c8e20c2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53878", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mq2uvi6mb22w", "content": "Django CVE-2026-48588, CVE-2026-53877, and CVE-2026-53878", "creation_timestamp": "2026-07-07T15:04:59.220724Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/34883cea-f33f-42e1-b718-3bd8c8e20c2a/export</guid>
      <pubDate>Tue, 07 Jul 2026 15:04:59 +0000</pubDate>
    </item>
    <item>
      <title>5155a4bb-0af1-43a5-8819-476be382d37d</title>
      <link>https://vulnerability.circl.lu/sighting/5155a4bb-0af1-43a5-8819-476be382d37d/export</link>
      <description>{"uuid": "5155a4bb-0af1-43a5-8819-476be382d37d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53877", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mq2uvi6mb22w", "content": "Django CVE-2026-48588, CVE-2026-53877, and CVE-2026-53878", "creation_timestamp": "2026-07-07T15:04:59.176088Z"}</description>
      <content:encoded>{"uuid": "5155a4bb-0af1-43a5-8819-476be382d37d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53877", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mq2uvi6mb22w", "content": "Django CVE-2026-48588, CVE-2026-53877, and CVE-2026-53878", "creation_timestamp": "2026-07-07T15:04:59.176088Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/5155a4bb-0af1-43a5-8819-476be382d37d/export</guid>
      <pubDate>Tue, 07 Jul 2026 15:04:59 +0000</pubDate>
    </item>
    <item>
      <title>12166cd3-f696-4adb-bbda-fda1f675cdc1</title>
      <link>https://vulnerability.circl.lu/sighting/12166cd3-f696-4adb-bbda-fda1f675cdc1/export</link>
      <description>{"uuid": "12166cd3-f696-4adb-bbda-fda1f675cdc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53874", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motnkutt5o2l", "content": "\ud83d\udea8  ALERT: CVE-2026-53874\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\npicklescan before 1.0.1 contains an unsafe deserialization vulnerability allowing unauthenticated users to execute arbitrary code by hiding eval calls nested under callable objects via getattr. Attackers can embed malicious code in pickle files th", "creation_timestamp": "2026-06-22T00:39:57.216188Z"}</description>
      <content:encoded>{"uuid": "12166cd3-f696-4adb-bbda-fda1f675cdc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53874", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motnkutt5o2l", "content": "\ud83d\udea8  ALERT: CVE-2026-53874\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\npicklescan before 1.0.1 contains an unsafe deserialization vulnerability allowing unauthenticated users to execute arbitrary code by hiding eval calls nested under callable objects via getattr. Attackers can embed malicious code in pickle files th", "creation_timestamp": "2026-06-22T00:39:57.216188Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/12166cd3-f696-4adb-bbda-fda1f675cdc1/export</guid>
      <pubDate>Mon, 22 Jun 2026 00:39:57 +0000</pubDate>
    </item>
    <item>
      <title>54a8040e-e90a-420a-8736-ca62d37f10f3</title>
      <link>https://vulnerability.circl.lu/sighting/54a8040e-e90a-420a-8736-ca62d37f10f3/export</link>
      <description>{"uuid": "54a8040e-e90a-420a-8736-ca62d37f10f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53871", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mojayqynw62f", "content": "CVE-2026-53871 - Hermes WebUI\nCVE ID : CVE-2026-53871\n \n Published : June 17, 2026, 5:58 p.m. | 1\u00a0hour, 31\u00a0minutes ago\n \n Description : Hermes WebUI before 0.51.368 contains an authorization bypass vulnerability in the get_profile_cookie() function that accepts unauthenticated...", "creation_timestamp": "2026-06-17T21:28:26.907341Z"}</description>
      <content:encoded>{"uuid": "54a8040e-e90a-420a-8736-ca62d37f10f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53871", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mojayqynw62f", "content": "CVE-2026-53871 - Hermes WebUI\nCVE ID : CVE-2026-53871\n \n Published : June 17, 2026, 5:58 p.m. | 1\u00a0hour, 31\u00a0minutes ago\n \n Description : Hermes WebUI before 0.51.368 contains an authorization bypass vulnerability in the get_profile_cookie() function that accepts unauthenticated...", "creation_timestamp": "2026-06-17T21:28:26.907341Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/54a8040e-e90a-420a-8736-ca62d37f10f3/export</guid>
      <pubDate>Wed, 17 Jun 2026 21:28:26 +0000</pubDate>
    </item>
    <item>
      <title>e87b79a1-92d2-4578-83f4-27477dd1a399</title>
      <link>https://vulnerability.circl.lu/sighting/e87b79a1-92d2-4578-83f4-27477dd1a399/export</link>
      <description>{"uuid": "e87b79a1-92d2-4578-83f4-27477dd1a399", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53875", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moixw6tkdm2z", "content": "CVE-2026-53875 - picklescan - Scanning Bypass via Dynamic Eval in scan_pytorch\nCVE ID : CVE-2026-53875\n \n Published : June 17, 2026, 3:05 p.m. | 2\u00a0hours, 37\u00a0minutes ago\n \n Description : picklescan before 1.0.3 contains a scanning bypass vulnerability in the scan_pytorch functi...", "creation_timestamp": "2026-06-17T18:45:57.086171Z"}</description>
      <content:encoded>{"uuid": "e87b79a1-92d2-4578-83f4-27477dd1a399", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53875", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moixw6tkdm2z", "content": "CVE-2026-53875 - picklescan - Scanning Bypass via Dynamic Eval in scan_pytorch\nCVE ID : CVE-2026-53875\n \n Published : June 17, 2026, 3:05 p.m. | 2\u00a0hours, 37\u00a0minutes ago\n \n Description : picklescan before 1.0.3 contains a scanning bypass vulnerability in the scan_pytorch functi...", "creation_timestamp": "2026-06-17T18:45:57.086171Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e87b79a1-92d2-4578-83f4-27477dd1a399/export</guid>
      <pubDate>Wed, 17 Jun 2026 18:45:57 +0000</pubDate>
    </item>
    <item>
      <title>7fdd1853-7580-4bd5-a043-86697c163622</title>
      <link>https://vulnerability.circl.lu/sighting/7fdd1853-7580-4bd5-a043-86697c163622/export</link>
      <description>{"uuid": "7fdd1853-7580-4bd5-a043-86697c163622", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53874", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moivozupwr2f", "content": "CVE-2026-53874 - picklescan - Arbitrary Code Execution via Obfuscated eval Call\nCVE ID : CVE-2026-53874\n \n Published : June 17, 2026, 3:05 p.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : picklescan before 1.0.1 contains an unsafe deserialization vulnerability allowing unauthent...", "creation_timestamp": "2026-06-17T18:06:09.615269Z"}</description>
      <content:encoded>{"uuid": "7fdd1853-7580-4bd5-a043-86697c163622", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53874", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moivozupwr2f", "content": "CVE-2026-53874 - picklescan - Arbitrary Code Execution via Obfuscated eval Call\nCVE ID : CVE-2026-53874\n \n Published : June 17, 2026, 3:05 p.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : picklescan before 1.0.1 contains an unsafe deserialization vulnerability allowing unauthent...", "creation_timestamp": "2026-06-17T18:06:09.615269Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/7fdd1853-7580-4bd5-a043-86697c163622/export</guid>
      <pubDate>Wed, 17 Jun 2026 18:06:09 +0000</pubDate>
    </item>
    <item>
      <title>3b4fe301-22d2-4a25-a468-676eac2ff04b</title>
      <link>https://vulnerability.circl.lu/sighting/3b4fe301-22d2-4a25-a468-676eac2ff04b/export</link>
      <description>{"uuid": "3b4fe301-22d2-4a25-a468-676eac2ff04b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53872", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moivlzrdyp2b", "content": "CVE-2026-53872 - picklescan - Arbitrary File Read via Unsafe Pickle Deserialization\nCVE ID : CVE-2026-53872\n \n Published : June 17, 2026, 3:05 p.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : picklescan before 0.0.35 contains an unsafe pickle deserialization vulnerability allowi...", "creation_timestamp": "2026-06-17T18:04:28.771437Z"}</description>
      <content:encoded>{"uuid": "3b4fe301-22d2-4a25-a468-676eac2ff04b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53872", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moivlzrdyp2b", "content": "CVE-2026-53872 - picklescan - Arbitrary File Read via Unsafe Pickle Deserialization\nCVE ID : CVE-2026-53872\n \n Published : June 17, 2026, 3:05 p.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : picklescan before 0.0.35 contains an unsafe pickle deserialization vulnerability allowi...", "creation_timestamp": "2026-06-17T18:04:28.771437Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3b4fe301-22d2-4a25-a468-676eac2ff04b/export</guid>
      <pubDate>Wed, 17 Jun 2026 18:04:28 +0000</pubDate>
    </item>
    <item>
      <title>3b471525-c891-4820-bf84-b8417a94f0cd</title>
      <link>https://vulnerability.circl.lu/sighting/3b471525-c891-4820-bf84-b8417a94f0cd/export</link>
      <description>{"uuid": "3b471525-c891-4820-bf84-b8417a94f0cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53873", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moivgiq3wx2h", "content": "CVE-2026-53873 - picklescan - Arbitrary Code Execution via profile.run() Blocklist Bypass\nCVE ID : CVE-2026-53873\n \n Published : June 17, 2026, 3:05 p.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : picklescan before 1.0.4 contains an incomplete blocklist for the profile module t...", "creation_timestamp": "2026-06-17T18:01:23.193148Z"}</description>
      <content:encoded>{"uuid": "3b471525-c891-4820-bf84-b8417a94f0cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53873", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moivgiq3wx2h", "content": "CVE-2026-53873 - picklescan - Arbitrary Code Execution via profile.run() Blocklist Bypass\nCVE ID : CVE-2026-53873\n \n Published : June 17, 2026, 3:05 p.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : picklescan before 1.0.4 contains an incomplete blocklist for the profile module t...", "creation_timestamp": "2026-06-17T18:01:23.193148Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3b471525-c891-4820-bf84-b8417a94f0cd/export</guid>
      <pubDate>Wed, 17 Jun 2026 18:01:23 +0000</pubDate>
    </item>
  </channel>
</rss>
