<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sun, 12 Jul 2026 21:30:44 +0000</lastBuildDate>
    <item>
      <title>9600df9c-c34e-4d32-95fd-642b605eec33</title>
      <link>https://vulnerability.circl.lu/sighting/9600df9c-c34e-4d32-95fd-642b605eec33/export</link>
      <description>{"uuid": "9600df9c-c34e-4d32-95fd-642b605eec33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54063", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqfhbphs4f25", "content": "\ud83d\udfe0 CVE-2026-54063 - High (7.5)\n\nExcelize is a Go language library for reading and writing Microsoft Excel spreadsheets. Prior to ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-54063/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-11T20:00:34.692008Z"}</description>
      <content:encoded>{"uuid": "9600df9c-c34e-4d32-95fd-642b605eec33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54063", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqfhbphs4f25", "content": "\ud83d\udfe0 CVE-2026-54063 - High (7.5)\n\nExcelize is a Go language library for reading and writing Microsoft Excel spreadsheets. Prior to ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-54063/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-11T20:00:34.692008Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/9600df9c-c34e-4d32-95fd-642b605eec33/export</guid>
      <pubDate>Sat, 11 Jul 2026 20:00:34 +0000</pubDate>
    </item>
    <item>
      <title>7326db5c-a8a7-48f6-acb3-62b1cbf4b920</title>
      <link>https://vulnerability.circl.lu/sighting/7326db5c-a8a7-48f6-acb3-62b1cbf4b920/export</link>
      <description>{"uuid": "7326db5c-a8a7-48f6-acb3-62b1cbf4b920", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54068", "type": "seen", "source": "https://gist.github.com/alon710/5b22d6c437eabc82b89ba6fa8ccee27d", "content": "# CVE-2026-54068: CVE-2026-54068: Unauthenticated Server-Side Template Injection and SQLite Exfiltration in SiYuan PKM\n\n&amp;gt; **CVSS Score:** 5.9\n&amp;gt; **Published:** 2026-07-10\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-54068\n\n## Summary\nAn authentication bypass in the SiYuan personal knowledge management system before version 3.7.0 exposes a dynamic icon rendering endpoint. This endpoint processes client-supplied Go template directives. By submitting a crafted request, an unauthenticated remote attacker can leverage registered database template functions to execute arbitrary read-only SQL queries and exfiltrate workspace contents.\n\n## TL;DR\nAn unauthenticated API endpoint in SiYuan PKM before 3.7.0 evaluates user-controlled input using the Go template engine. Remote attackers can leverage registered SQL helper functions to query the underlying SQLite database and exfiltrate notes, credentials, and system metadata.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-306\n- **Attack Vector**: Network (AV:N)\n- **CVSS Score**: 5.9 (Medium)\n- **EPSS Score**: 0.00239 (Percentile Rank: 14.92%)\n- **Impact**: High Confidentiality Leakage\n- **Exploit Status**: Proof-of-Concept\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- SiYuan Open-Source Personal Knowledge Management System\n- **siyuan**: &amp;lt; 3.7.0 (Fixed in: `3.7.0`)\n\n## Mitigation\n\n- Upgrade SiYuan to version 3.7.0 or newer.\n- Restrict network access to the SiYuan API and web UI using reverse proxies or firewall ACLs.\n- Monitor HTTP access logs for requests containing the .action parameter targeting /api/icon/getDynamicIcon.\n\n**Remediation Steps:**\n1. Verify the running version of SiYuan using the version endpoint or the application UI.\n2. Update the Docker image or localized installation to version 3.7.0.\n3. Restart the service and confirm that accessing /api/icon/getDynamicIcon without an authorization header yields an HTTP 401 Unauthorized response.\n\n## References\n\n- [GitHub Security Advisory GHSA-gcm7-57gf-953c](https://github.com/siyuan-note/siyuan/security/advisories/GHSA-gcm7-57gf-953c)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-54068) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-07-11T04:41:43.033051Z"}</description>
      <content:encoded>{"uuid": "7326db5c-a8a7-48f6-acb3-62b1cbf4b920", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54068", "type": "seen", "source": "https://gist.github.com/alon710/5b22d6c437eabc82b89ba6fa8ccee27d", "content": "# CVE-2026-54068: CVE-2026-54068: Unauthenticated Server-Side Template Injection and SQLite Exfiltration in SiYuan PKM\n\n&amp;gt; **CVSS Score:** 5.9\n&amp;gt; **Published:** 2026-07-10\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-54068\n\n## Summary\nAn authentication bypass in the SiYuan personal knowledge management system before version 3.7.0 exposes a dynamic icon rendering endpoint. This endpoint processes client-supplied Go template directives. By submitting a crafted request, an unauthenticated remote attacker can leverage registered database template functions to execute arbitrary read-only SQL queries and exfiltrate workspace contents.\n\n## TL;DR\nAn unauthenticated API endpoint in SiYuan PKM before 3.7.0 evaluates user-controlled input using the Go template engine. Remote attackers can leverage registered SQL helper functions to query the underlying SQLite database and exfiltrate notes, credentials, and system metadata.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-306\n- **Attack Vector**: Network (AV:N)\n- **CVSS Score**: 5.9 (Medium)\n- **EPSS Score**: 0.00239 (Percentile Rank: 14.92%)\n- **Impact**: High Confidentiality Leakage\n- **Exploit Status**: Proof-of-Concept\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- SiYuan Open-Source Personal Knowledge Management System\n- **siyuan**: &amp;lt; 3.7.0 (Fixed in: `3.7.0`)\n\n## Mitigation\n\n- Upgrade SiYuan to version 3.7.0 or newer.\n- Restrict network access to the SiYuan API and web UI using reverse proxies or firewall ACLs.\n- Monitor HTTP access logs for requests containing the .action parameter targeting /api/icon/getDynamicIcon.\n\n**Remediation Steps:**\n1. Verify the running version of SiYuan using the version endpoint or the application UI.\n2. Update the Docker image or localized installation to version 3.7.0.\n3. Restart the service and confirm that accessing /api/icon/getDynamicIcon without an authorization header yields an HTTP 401 Unauthorized response.\n\n## References\n\n- [GitHub Security Advisory GHSA-gcm7-57gf-953c](https://github.com/siyuan-note/siyuan/security/advisories/GHSA-gcm7-57gf-953c)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-54068) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-07-11T04:41:43.033051Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/7326db5c-a8a7-48f6-acb3-62b1cbf4b920/export</guid>
      <pubDate>Sat, 11 Jul 2026 04:41:43 +0000</pubDate>
    </item>
    <item>
      <title>53bea1f4-c919-4cf4-bf2b-2a2f2c09b72c</title>
      <link>https://vulnerability.circl.lu/sighting/53bea1f4-c919-4cf4-bf2b-2a2f2c09b72c/export</link>
      <description>{"uuid": "53bea1f4-c919-4cf4-bf2b-2a2f2c09b72c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54069", "type": "seen", "source": "https://gist.github.com/alon710/4e3f9aded7567695df7a9de4278d2ca5", "content": "# CVE-2026-54069: CVE-2026-54069: Authentication Bypass in SiYuan Note via Origin Header Spoofing\n\n&amp;gt; **CVSS Score:** 9.1\n&amp;gt; **Published:** 2026-07-10\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-54069\n\n## Summary\nCVE-2026-54069 is a critical authentication bypass vulnerability in the SiYuan Note personal knowledge management system. The flaw is located in the HTTP server's middleware handling API authorization, which unconditionally trusts requests carrying a 'chrome-extension://' scheme in the Origin HTTP header, granting administrative access without validating API tokens.\n\n## TL;DR\nA flaw in SiYuan Note's authorization middleware permits remote and local attackers to bypass authentication entirely by presenting a crafted Origin header starting with 'chrome-extension://'.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-346\n- **Attack Vector**: Network\n- **CVSS Score**: 9.1 (Critical)\n- **EPSS Score**: 0.00607\n- **Exploit Status**: poc\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- SiYuan Note Kernel\n- **SiYuan Note**: &amp;lt; 3.7.0 (Fixed in: `3.7.0`)\n\n## Mitigation\n\n- Upgrade to version 3.7.0 or later\n- Ensure application binds strictly to localhost (127.0.0.1)\n- Restrict browser extensions in environments where desktop client runs\n\n**Remediation Steps:**\n1. Verify the current running version of the SiYuan Note kernel.\n2. Download and install version 3.7.0 or newer from the official GitHub release page.\n3. Update internal configuration files to bind services exclusively to loopback network interfaces.\n\n## References\n\n- [GitHub Security Advisory GHSA-hvr9-72v2-fff3](https://github.com/siyuan-note/siyuan/security/advisories/GHSA-hvr9-72v2-fff3)\n- [NVD - CVE-2026-54069](https://nvd.nist.gov/vuln/detail/CVE-2026-54069)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-54069) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-07-11T04:12:19.280241Z"}</description>
      <content:encoded>{"uuid": "53bea1f4-c919-4cf4-bf2b-2a2f2c09b72c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54069", "type": "seen", "source": "https://gist.github.com/alon710/4e3f9aded7567695df7a9de4278d2ca5", "content": "# CVE-2026-54069: CVE-2026-54069: Authentication Bypass in SiYuan Note via Origin Header Spoofing\n\n&amp;gt; **CVSS Score:** 9.1\n&amp;gt; **Published:** 2026-07-10\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-54069\n\n## Summary\nCVE-2026-54069 is a critical authentication bypass vulnerability in the SiYuan Note personal knowledge management system. The flaw is located in the HTTP server's middleware handling API authorization, which unconditionally trusts requests carrying a 'chrome-extension://' scheme in the Origin HTTP header, granting administrative access without validating API tokens.\n\n## TL;DR\nA flaw in SiYuan Note's authorization middleware permits remote and local attackers to bypass authentication entirely by presenting a crafted Origin header starting with 'chrome-extension://'.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-346\n- **Attack Vector**: Network\n- **CVSS Score**: 9.1 (Critical)\n- **EPSS Score**: 0.00607\n- **Exploit Status**: poc\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- SiYuan Note Kernel\n- **SiYuan Note**: &amp;lt; 3.7.0 (Fixed in: `3.7.0`)\n\n## Mitigation\n\n- Upgrade to version 3.7.0 or later\n- Ensure application binds strictly to localhost (127.0.0.1)\n- Restrict browser extensions in environments where desktop client runs\n\n**Remediation Steps:**\n1. Verify the current running version of the SiYuan Note kernel.\n2. Download and install version 3.7.0 or newer from the official GitHub release page.\n3. Update internal configuration files to bind services exclusively to loopback network interfaces.\n\n## References\n\n- [GitHub Security Advisory GHSA-hvr9-72v2-fff3](https://github.com/siyuan-note/siyuan/security/advisories/GHSA-hvr9-72v2-fff3)\n- [NVD - CVE-2026-54069](https://nvd.nist.gov/vuln/detail/CVE-2026-54069)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-54069) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-07-11T04:12:19.280241Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/53bea1f4-c919-4cf4-bf2b-2a2f2c09b72c/export</guid>
      <pubDate>Sat, 11 Jul 2026 04:12:19 +0000</pubDate>
    </item>
    <item>
      <title>9a51b1d9-d416-43a1-a50c-8dc7290a521a</title>
      <link>https://vulnerability.circl.lu/sighting/9a51b1d9-d416-43a1-a50c-8dc7290a521a/export</link>
      <description>{"uuid": "9a51b1d9-d416-43a1-a50c-8dc7290a521a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54063", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdhbhp6hh27", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-54063 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 Excelize: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/6172A7C3-40BC-4332-8077-3A95BF95B9B1", "creation_timestamp": "2026-07-11T00:55:06.449341Z"}</description>
      <content:encoded>{"uuid": "9a51b1d9-d416-43a1-a50c-8dc7290a521a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54063", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdhbhp6hh27", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-54063 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 Excelize: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/6172A7C3-40BC-4332-8077-3A95BF95B9B1", "creation_timestamp": "2026-07-11T00:55:06.449341Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/9a51b1d9-d416-43a1-a50c-8dc7290a521a/export</guid>
      <pubDate>Sat, 11 Jul 2026 00:55:06 +0000</pubDate>
    </item>
    <item>
      <title>d0085fc3-7f98-4c60-a230-8602ee65b629</title>
      <link>https://vulnerability.circl.lu/sighting/d0085fc3-7f98-4c60-a230-8602ee65b629/export</link>
      <description>{"uuid": "d0085fc3-7f98-4c60-a230-8602ee65b629", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54063", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdcwqstcx2s", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-54063 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 Excelize: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/A2F5B519-DFDA-450C-9572-A5A2D04A065B", "creation_timestamp": "2026-07-10T23:37:31.958214Z"}</description>
      <content:encoded>{"uuid": "d0085fc3-7f98-4c60-a230-8602ee65b629", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54063", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdcwqstcx2s", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-54063 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 Excelize: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/A2F5B519-DFDA-450C-9572-A5A2D04A065B", "creation_timestamp": "2026-07-10T23:37:31.958214Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d0085fc3-7f98-4c60-a230-8602ee65b629/export</guid>
      <pubDate>Fri, 10 Jul 2026 23:37:31 +0000</pubDate>
    </item>
    <item>
      <title>199fe6b6-2d84-4852-b297-e4ae26291175</title>
      <link>https://vulnerability.circl.lu/sighting/199fe6b6-2d84-4852-b297-e4ae26291175/export</link>
      <description>{"uuid": "199fe6b6-2d84-4852-b297-e4ae26291175", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54066", "type": "published-proof-of-concept", "source": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-p4m3-mgmm-c664", "content": "", "creation_timestamp": "2026-07-10T20:35:23.985206Z"}</description>
      <content:encoded>{"uuid": "199fe6b6-2d84-4852-b297-e4ae26291175", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54066", "type": "published-proof-of-concept", "source": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-p4m3-mgmm-c664", "content": "", "creation_timestamp": "2026-07-10T20:35:23.985206Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/199fe6b6-2d84-4852-b297-e4ae26291175/export</guid>
      <pubDate>Fri, 10 Jul 2026 20:35:23 +0000</pubDate>
    </item>
    <item>
      <title>08ffa1a1-727c-46eb-86ac-22eb3f5dcf53</title>
      <link>https://vulnerability.circl.lu/sighting/08ffa1a1-727c-46eb-86ac-22eb3f5dcf53/export</link>
      <description>{"uuid": "08ffa1a1-727c-46eb-86ac-22eb3f5dcf53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54067", "type": "published-proof-of-concept", "source": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-mvjr-vv3c-w4qv", "content": "", "creation_timestamp": "2026-07-10T20:35:21.535640Z"}</description>
      <content:encoded>{"uuid": "08ffa1a1-727c-46eb-86ac-22eb3f5dcf53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54067", "type": "published-proof-of-concept", "source": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-mvjr-vv3c-w4qv", "content": "", "creation_timestamp": "2026-07-10T20:35:21.535640Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/08ffa1a1-727c-46eb-86ac-22eb3f5dcf53/export</guid>
      <pubDate>Fri, 10 Jul 2026 20:35:21 +0000</pubDate>
    </item>
    <item>
      <title>4438c2e2-9d63-49b1-b75f-4b902da3db97</title>
      <link>https://vulnerability.circl.lu/sighting/4438c2e2-9d63-49b1-b75f-4b902da3db97/export</link>
      <description>{"uuid": "4438c2e2-9d63-49b1-b75f-4b902da3db97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54063", "type": "published-proof-of-concept", "source": "https://github.com/qax-os/excelize/security/advisories/GHSA-h69g-9hx6-f3v4", "content": "", "creation_timestamp": "2026-07-10T20:35:19.289594Z"}</description>
      <content:encoded>{"uuid": "4438c2e2-9d63-49b1-b75f-4b902da3db97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54063", "type": "published-proof-of-concept", "source": "https://github.com/qax-os/excelize/security/advisories/GHSA-h69g-9hx6-f3v4", "content": "", "creation_timestamp": "2026-07-10T20:35:19.289594Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/4438c2e2-9d63-49b1-b75f-4b902da3db97/export</guid>
      <pubDate>Fri, 10 Jul 2026 20:35:19 +0000</pubDate>
    </item>
    <item>
      <title>95024f00-38c5-4b98-9811-892d30eaa819</title>
      <link>https://vulnerability.circl.lu/sighting/95024f00-38c5-4b98-9811-892d30eaa819/export</link>
      <description>{"uuid": "95024f00-38c5-4b98-9811-892d30eaa819", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54068", "type": "published-proof-of-concept", "source": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-gcm7-57gf-953c", "content": "", "creation_timestamp": "2026-07-10T20:35:17.027007Z"}</description>
      <content:encoded>{"uuid": "95024f00-38c5-4b98-9811-892d30eaa819", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54068", "type": "published-proof-of-concept", "source": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-gcm7-57gf-953c", "content": "", "creation_timestamp": "2026-07-10T20:35:17.027007Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/95024f00-38c5-4b98-9811-892d30eaa819/export</guid>
      <pubDate>Fri, 10 Jul 2026 20:35:17 +0000</pubDate>
    </item>
    <item>
      <title>45674df4-4132-4724-8785-1363fcb119ed</title>
      <link>https://vulnerability.circl.lu/sighting/45674df4-4132-4724-8785-1363fcb119ed/export</link>
      <description>{"uuid": "45674df4-4132-4724-8785-1363fcb119ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54069", "type": "published-proof-of-concept", "source": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-hvr9-72v2-fff3", "content": "", "creation_timestamp": "2026-07-10T20:35:09.561115Z"}</description>
      <content:encoded>{"uuid": "45674df4-4132-4724-8785-1363fcb119ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54069", "type": "published-proof-of-concept", "source": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-hvr9-72v2-fff3", "content": "", "creation_timestamp": "2026-07-10T20:35:09.561115Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/45674df4-4132-4724-8785-1363fcb119ed/export</guid>
      <pubDate>Fri, 10 Jul 2026 20:35:09 +0000</pubDate>
    </item>
  </channel>
</rss>
