<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sun, 12 Jul 2026 15:37:35 +0000</lastBuildDate>
    <item>
      <title>95c5da80-4aab-47c8-a079-24bd62bcb8d7</title>
      <link>https://vulnerability.circl.lu/sighting/95c5da80-4aab-47c8-a079-24bd62bcb8d7/export</link>
      <description>{"uuid": "95c5da80-4aab-47c8-a079-24bd62bcb8d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54163", "type": "published-proof-of-concept", "source": "https://github.com/github/secure_headers/security/advisories/GHSA-rqq5-2gf9-4w4q", "content": "", "creation_timestamp": "2026-07-10T22:35:03.444531Z"}</description>
      <content:encoded>{"uuid": "95c5da80-4aab-47c8-a079-24bd62bcb8d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54163", "type": "published-proof-of-concept", "source": "https://github.com/github/secure_headers/security/advisories/GHSA-rqq5-2gf9-4w4q", "content": "", "creation_timestamp": "2026-07-10T22:35:03.444531Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/95c5da80-4aab-47c8-a079-24bd62bcb8d7/export</guid>
      <pubDate>Fri, 10 Jul 2026 22:35:03 +0000</pubDate>
    </item>
    <item>
      <title>436e4d38-06d6-403a-a709-bfdea681352e</title>
      <link>https://vulnerability.circl.lu/sighting/436e4d38-06d6-403a-a709-bfdea681352e/export</link>
      <description>{"uuid": "436e4d38-06d6-403a-a709-bfdea681352e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54161", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mq57zkesqs2d", "content": "A Network UPS Tools RCE (CVE-2026-54161) lets a malicious upsd trigger upsmon command injection as root. No patch exists yet, so mitigate now.\n\n#NetworkUPSTools #NUT #upsmon #CommandInjection #RCE #CVE202654161 #CyberSecurity", "creation_timestamp": "2026-07-08T13:29:26.633333Z"}</description>
      <content:encoded>{"uuid": "436e4d38-06d6-403a-a709-bfdea681352e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54161", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mq57zkesqs2d", "content": "A Network UPS Tools RCE (CVE-2026-54161) lets a malicious upsd trigger upsmon command injection as root. No patch exists yet, so mitigate now.\n\n#NetworkUPSTools #NUT #upsmon #CommandInjection #RCE #CVE202654161 #CyberSecurity", "creation_timestamp": "2026-07-08T13:29:26.633333Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/436e4d38-06d6-403a-a709-bfdea681352e/export</guid>
      <pubDate>Wed, 08 Jul 2026 13:29:26 +0000</pubDate>
    </item>
    <item>
      <title>e7c8f82d-1e0b-4b9e-82a1-b74844771a8f</title>
      <link>https://vulnerability.circl.lu/sighting/e7c8f82d-1e0b-4b9e-82a1-b74844771a8f/export</link>
      <description>{"uuid": "e7c8f82d-1e0b-4b9e-82a1-b74844771a8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54164", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpny46qtik2u", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-54164 \u0432 API Platform Core: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/0C6E3765-61BE-44B4-AAFE-CE156048FA15", "creation_timestamp": "2026-07-02T11:57:48.614114Z"}</description>
      <content:encoded>{"uuid": "e7c8f82d-1e0b-4b9e-82a1-b74844771a8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54164", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpny46qtik2u", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-54164 \u0432 API Platform Core: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/0C6E3765-61BE-44B4-AAFE-CE156048FA15", "creation_timestamp": "2026-07-02T11:57:48.614114Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e7c8f82d-1e0b-4b9e-82a1-b74844771a8f/export</guid>
      <pubDate>Thu, 02 Jul 2026 11:57:48 +0000</pubDate>
    </item>
    <item>
      <title>9937adf3-6cc4-41f1-8061-d5bf982865ae</title>
      <link>https://vulnerability.circl.lu/sighting/9937adf3-6cc4-41f1-8061-d5bf982865ae/export</link>
      <description>{"uuid": "9937adf3-6cc4-41f1-8061-d5bf982865ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54161", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mpmcxjg7pw2x", "content": "CVE-2026-54161: NUT upsmon: remote OS command injection via ups.alarm in NOTIFYCMD - fixed in PR #3499 (affects 2.8.3\u20132.8.5)", "creation_timestamp": "2026-07-01T20:06:43.761524Z"}</description>
      <content:encoded>{"uuid": "9937adf3-6cc4-41f1-8061-d5bf982865ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54161", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mpmcxjg7pw2x", "content": "CVE-2026-54161: NUT upsmon: remote OS command injection via ups.alarm in NOTIFYCMD - fixed in PR #3499 (affects 2.8.3\u20132.8.5)", "creation_timestamp": "2026-07-01T20:06:43.761524Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/9937adf3-6cc4-41f1-8061-d5bf982865ae/export</guid>
      <pubDate>Wed, 01 Jul 2026 20:06:43 +0000</pubDate>
    </item>
    <item>
      <title>1fb9aaef-edfa-4442-9d82-5cd87754ad64</title>
      <link>https://vulnerability.circl.lu/sighting/1fb9aaef-edfa-4442-9d82-5cd87754ad64/export</link>
      <description>{"uuid": "1fb9aaef-edfa-4442-9d82-5cd87754ad64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5416", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mofwivxh672f", "content": "CVE-2026-5416 - Command Injection via name parameter\nCVE ID : CVE-2026-5416\n \n Published : June 16, 2026, 10:16 a.m. | 2\u00a0hours, 52\u00a0minutes ago\n \n Description : Due to the improper neutralization of special elements used in a name parameter a low privileged remote attacker can ...", "creation_timestamp": "2026-06-16T13:42:38.602218Z"}</description>
      <content:encoded>{"uuid": "1fb9aaef-edfa-4442-9d82-5cd87754ad64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5416", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mofwivxh672f", "content": "CVE-2026-5416 - Command Injection via name parameter\nCVE ID : CVE-2026-5416\n \n Published : June 16, 2026, 10:16 a.m. | 2\u00a0hours, 52\u00a0minutes ago\n \n Description : Due to the improper neutralization of special elements used in a name parameter a low privileged remote attacker can ...", "creation_timestamp": "2026-06-16T13:42:38.602218Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1fb9aaef-edfa-4442-9d82-5cd87754ad64/export</guid>
      <pubDate>Tue, 16 Jun 2026 13:42:38 +0000</pubDate>
    </item>
    <item>
      <title>ae92c69a-ba61-46d4-a4b4-1dcdddd143b7</title>
      <link>https://vulnerability.circl.lu/sighting/ae92c69a-ba61-46d4-a4b4-1dcdddd143b7/export</link>
      <description>{"uuid": "ae92c69a-ba61-46d4-a4b4-1dcdddd143b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5416", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mofnhp7x6t2n", "content": "\ud83d\udfe0 CVE-2026-5416 - High (8.8)\n\nDue to the improper neutralization of special elements used in a name parameter a low privileged ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-5416/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-16T11:00:54.845889Z"}</description>
      <content:encoded>{"uuid": "ae92c69a-ba61-46d4-a4b4-1dcdddd143b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5416", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mofnhp7x6t2n", "content": "\ud83d\udfe0 CVE-2026-5416 - High (8.8)\n\nDue to the improper neutralization of special elements used in a name parameter a low privileged ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-5416/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-16T11:00:54.845889Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ae92c69a-ba61-46d4-a4b4-1dcdddd143b7/export</guid>
      <pubDate>Tue, 16 Jun 2026 11:00:54 +0000</pubDate>
    </item>
    <item>
      <title>5724d849-47a4-421b-b4a8-d21c7383524c</title>
      <link>https://vulnerability.circl.lu/sighting/5724d849-47a4-421b-b4a8-d21c7383524c/export</link>
      <description>{"uuid": "5724d849-47a4-421b-b4a8-d21c7383524c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5416", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3mofeee5snmy2", "content": "#OT #Advisory VDE-2026-038\nTURCK: Multiple Vulnerabilities in Managed Ethernet Switches\n\nMultiple vulnerabilities have been identified in the TBEN-Lx-SE-M2 firmware prior to version 2.1.2.0 in Managed Ethernet Switches.\n#CVE CVE-2025-68615, CVE-2026-5416 [\u2026]", "creation_timestamp": "2026-06-16T08:18:30.843737Z"}</description>
      <content:encoded>{"uuid": "5724d849-47a4-421b-b4a8-d21c7383524c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5416", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3mofeee5snmy2", "content": "#OT #Advisory VDE-2026-038\nTURCK: Multiple Vulnerabilities in Managed Ethernet Switches\n\nMultiple vulnerabilities have been identified in the TBEN-Lx-SE-M2 firmware prior to version 2.1.2.0 in Managed Ethernet Switches.\n#CVE CVE-2025-68615, CVE-2026-5416 [\u2026]", "creation_timestamp": "2026-06-16T08:18:30.843737Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/5724d849-47a4-421b-b4a8-d21c7383524c/export</guid>
      <pubDate>Tue, 16 Jun 2026 08:18:30 +0000</pubDate>
    </item>
    <item>
      <title>942010d5-1660-45b2-9859-e2a8b1c4b852</title>
      <link>https://vulnerability.circl.lu/sighting/942010d5-1660-45b2-9859-e2a8b1c4b852/export</link>
      <description>{"uuid": "942010d5-1660-45b2-9859-e2a8b1c4b852", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54164", "type": "seen", "source": "https://bsky.app/profile/soyuka.me/post/3mo5jhr2ux22s", "content": "\ud83d\udd12 Security patch out for API Platform Core (CVE-2026-54164): a type-confusion bug let writable relations accept a wrong-type IRI. Upgrade to 4.1.30 / 4.2.26 / 4.3.12+. Details:\ngithub.com/api-platform...", "creation_timestamp": "2026-06-13T05:28:06.602010Z"}</description>
      <content:encoded>{"uuid": "942010d5-1660-45b2-9859-e2a8b1c4b852", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54164", "type": "seen", "source": "https://bsky.app/profile/soyuka.me/post/3mo5jhr2ux22s", "content": "\ud83d\udd12 Security patch out for API Platform Core (CVE-2026-54164): a type-confusion bug let writable relations accept a wrong-type IRI. Upgrade to 4.1.30 / 4.2.26 / 4.3.12+. Details:\ngithub.com/api-platform...", "creation_timestamp": "2026-06-13T05:28:06.602010Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/942010d5-1660-45b2-9859-e2a8b1c4b852/export</guid>
      <pubDate>Sat, 13 Jun 2026 05:28:06 +0000</pubDate>
    </item>
  </channel>
</rss>
