<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Tue, 14 Jul 2026 06:11:30 +0000</lastBuildDate>
    <item>
      <title>2053d048-32e2-4198-aa4e-018cb5ac49d1</title>
      <link>https://vulnerability.circl.lu/sighting/2053d048-32e2-4198-aa4e-018cb5ac49d1/export</link>
      <description>{"uuid": "2053d048-32e2-4198-aa4e-018cb5ac49d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55441", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mpfzi2vvym2n", "content": "\ud83d\udfe0 CVE-2026-55441 - High (8.6)\n\nmise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.4, mise's trust f...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-55441/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-29T08:01:03.532007Z"}</description>
      <content:encoded>{"uuid": "2053d048-32e2-4198-aa4e-018cb5ac49d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55441", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mpfzi2vvym2n", "content": "\ud83d\udfe0 CVE-2026-55441 - High (8.6)\n\nmise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.4, mise's trust f...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-55441/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-29T08:01:03.532007Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/2053d048-32e2-4198-aa4e-018cb5ac49d1/export</guid>
      <pubDate>Mon, 29 Jun 2026 08:01:03 +0000</pubDate>
    </item>
    <item>
      <title>9df87b07-8569-485e-87cd-93963c3dd87c</title>
      <link>https://vulnerability.circl.lu/sighting/9df87b07-8569-485e-87cd-93963c3dd87c/export</link>
      <description>{"uuid": "9df87b07-8569-485e-87cd-93963c3dd87c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55441", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mpdx3k2zqp2y", "content": "CVE-2026-55441 - Critical RCE in Mise. Trust bypass via task-include files allows tera exec() before trust_check. CVSS 8.6. No patch yet. Disable task-includes or block untrusted dirs. #CVE #Mise #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-55441/", "creation_timestamp": "2026-06-28T12:12:56.211843Z"}</description>
      <content:encoded>{"uuid": "9df87b07-8569-485e-87cd-93963c3dd87c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55441", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mpdx3k2zqp2y", "content": "CVE-2026-55441 - Critical RCE in Mise. Trust bypass via task-include files allows tera exec() before trust_check. CVSS 8.6. No patch yet. Disable task-includes or block untrusted dirs. #CVE #Mise #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-55441/", "creation_timestamp": "2026-06-28T12:12:56.211843Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/9df87b07-8569-485e-87cd-93963c3dd87c/export</guid>
      <pubDate>Sun, 28 Jun 2026 12:12:56 +0000</pubDate>
    </item>
    <item>
      <title>5e029218-09f1-4165-894b-35437c86b450</title>
      <link>https://vulnerability.circl.lu/sighting/5e029218-09f1-4165-894b-35437c86b450/export</link>
      <description>{"uuid": "5e029218-09f1-4165-894b-35437c86b450", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55441", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7nj3eykd2n", "content": "CVE-2026-55441 - mise: Arbitrary command execution via task-include files in an untrusted, config-less repository\nCVE ID : CVE-2026-55441\n \n Published : June 26, 2026, 4:48 p.m. | 56\u00a0minutes ago\n \n Description : mise manages dev tools like node, python, cmake, and terraform. P...", "creation_timestamp": "2026-06-26T19:10:55.166477Z"}</description>
      <content:encoded>{"uuid": "5e029218-09f1-4165-894b-35437c86b450", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55441", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7nj3eykd2n", "content": "CVE-2026-55441 - mise: Arbitrary command execution via task-include files in an untrusted, config-less repository\nCVE ID : CVE-2026-55441\n \n Published : June 26, 2026, 4:48 p.m. | 56\u00a0minutes ago\n \n Description : mise manages dev tools like node, python, cmake, and terraform. P...", "creation_timestamp": "2026-06-26T19:10:55.166477Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/5e029218-09f1-4165-894b-35437c86b450/export</guid>
      <pubDate>Fri, 26 Jun 2026 19:10:55 +0000</pubDate>
    </item>
    <item>
      <title>e60d2f11-a7bb-412c-8590-5951d5a9b32a</title>
      <link>https://vulnerability.circl.lu/sighting/e60d2f11-a7bb-412c-8590-5951d5a9b32a/export</link>
      <description>{"uuid": "e60d2f11-a7bb-412c-8590-5951d5a9b32a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55447", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mp7nccqsap2n", "content": "\ud83d\udccc CVE-2026-55447 - Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, by controlling a files that are digested into the RAG, ... https://www.cyberhub.blog/cves/CVE-2026-55447", "creation_timestamp": "2026-06-26T19:07:07.485968Z"}</description>
      <content:encoded>{"uuid": "e60d2f11-a7bb-412c-8590-5951d5a9b32a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55447", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mp7nccqsap2n", "content": "\ud83d\udccc CVE-2026-55447 - Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, by controlling a files that are digested into the RAG, ... https://www.cyberhub.blog/cves/CVE-2026-55447", "creation_timestamp": "2026-06-26T19:07:07.485968Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e60d2f11-a7bb-412c-8590-5951d5a9b32a/export</guid>
      <pubDate>Fri, 26 Jun 2026 19:07:07 +0000</pubDate>
    </item>
    <item>
      <title>d2c0902b-6b8e-4828-b1f6-ac63e785179e</title>
      <link>https://vulnerability.circl.lu/sighting/d2c0902b-6b8e-4828-b1f6-ac63e785179e/export</link>
      <description>{"uuid": "d2c0902b-6b8e-4828-b1f6-ac63e785179e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55448", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7lljtyfl2l", "content": "CVE-2026-55448 - mise: Local credential_command executes untrusted config\nCVE ID : CVE-2026-55448\n \n Published : June 26, 2026, 4:46 p.m. | 58\u00a0minutes ago\n \n Description : mise manages dev tools like node, python, cmake, and terraform. From 2026.3.15 until 2026.6.4, mise loads...", "creation_timestamp": "2026-06-26T18:36:29.110645Z"}</description>
      <content:encoded>{"uuid": "d2c0902b-6b8e-4828-b1f6-ac63e785179e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55448", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7lljtyfl2l", "content": "CVE-2026-55448 - mise: Local credential_command executes untrusted config\nCVE ID : CVE-2026-55448\n \n Published : June 26, 2026, 4:46 p.m. | 58\u00a0minutes ago\n \n Description : mise manages dev tools like node, python, cmake, and terraform. From 2026.3.15 until 2026.6.4, mise loads...", "creation_timestamp": "2026-06-26T18:36:29.110645Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d2c0902b-6b8e-4828-b1f6-ac63e785179e/export</guid>
      <pubDate>Fri, 26 Jun 2026 18:36:29 +0000</pubDate>
    </item>
    <item>
      <title>18f0da16-54e6-48c9-aff8-b932eb7cb389</title>
      <link>https://vulnerability.circl.lu/sighting/18f0da16-54e6-48c9-aff8-b932eb7cb389/export</link>
      <description>{"uuid": "18f0da16-54e6-48c9-aff8-b932eb7cb389", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55447", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3moopuvtpix24", "content": "A single poisoned document dropped into a Langflow RAG pipeline reads any file on the box, forges a login token, then runs code. CVE-2026-55447, CVSS 9.6. Patched in 1.9.2.\n\n#CVE #infosec #cybersecurity", "creation_timestamp": "2026-06-20T01:38:03.201863Z"}</description>
      <content:encoded>{"uuid": "18f0da16-54e6-48c9-aff8-b932eb7cb389", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55447", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3moopuvtpix24", "content": "A single poisoned document dropped into a Langflow RAG pipeline reads any file on the box, forges a login token, then runs code. CVE-2026-55447, CVSS 9.6. Patched in 1.9.2.\n\n#CVE #infosec #cybersecurity", "creation_timestamp": "2026-06-20T01:38:03.201863Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/18f0da16-54e6-48c9-aff8-b932eb7cb389/export</guid>
      <pubDate>Sat, 20 Jun 2026 01:38:03 +0000</pubDate>
    </item>
    <item>
      <title>5ee9e7b4-e210-4096-9f7e-bc7c9bff1a5a</title>
      <link>https://vulnerability.circl.lu/sighting/5ee9e7b4-e210-4096-9f7e-bc7c9bff1a5a/export</link>
      <description>{"uuid": "5ee9e7b4-e210-4096-9f7e-bc7c9bff1a5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55447", "type": "published-proof-of-concept", "source": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-ccv6-r384-xp75", "content": "", "creation_timestamp": "2026-06-19T13:25:18.000000Z"}</description>
      <content:encoded>{"uuid": "5ee9e7b4-e210-4096-9f7e-bc7c9bff1a5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55447", "type": "published-proof-of-concept", "source": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-ccv6-r384-xp75", "content": "", "creation_timestamp": "2026-06-19T13:25:18.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/5ee9e7b4-e210-4096-9f7e-bc7c9bff1a5a/export</guid>
      <pubDate>Fri, 19 Jun 2026 13:25:18 +0000</pubDate>
    </item>
    <item>
      <title>98e3bfb8-8018-4339-96d1-78d3e44eeb0b</title>
      <link>https://vulnerability.circl.lu/sighting/98e3bfb8-8018-4339-96d1-78d3e44eeb0b/export</link>
      <description>{"uuid": "98e3bfb8-8018-4339-96d1-78d3e44eeb0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55446", "type": "published-proof-of-concept", "source": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-qwqc-p3q8-wcg9", "content": "", "creation_timestamp": "2026-06-19T13:09:48.000000Z"}</description>
      <content:encoded>{"uuid": "98e3bfb8-8018-4339-96d1-78d3e44eeb0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55446", "type": "published-proof-of-concept", "source": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-qwqc-p3q8-wcg9", "content": "", "creation_timestamp": "2026-06-19T13:09:48.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/98e3bfb8-8018-4339-96d1-78d3e44eeb0b/export</guid>
      <pubDate>Fri, 19 Jun 2026 13:09:48 +0000</pubDate>
    </item>
    <item>
      <title>43e9e6b9-2666-4fdc-b7b8-135a1b97405d</title>
      <link>https://vulnerability.circl.lu/sighting/43e9e6b9-2666-4fdc-b7b8-135a1b97405d/export</link>
      <description>{"uuid": "43e9e6b9-2666-4fdc-b7b8-135a1b97405d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55448", "type": "published-proof-of-concept", "source": "https://github.com/jdx/mise/security/advisories/GHSA-29hf-rm4x-xxph", "content": "", "creation_timestamp": "2026-06-12T17:40:16.000000Z"}</description>
      <content:encoded>{"uuid": "43e9e6b9-2666-4fdc-b7b8-135a1b97405d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55448", "type": "published-proof-of-concept", "source": "https://github.com/jdx/mise/security/advisories/GHSA-29hf-rm4x-xxph", "content": "", "creation_timestamp": "2026-06-12T17:40:16.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/43e9e6b9-2666-4fdc-b7b8-135a1b97405d/export</guid>
      <pubDate>Fri, 12 Jun 2026 17:40:16 +0000</pubDate>
    </item>
    <item>
      <title>64832c6d-d30d-4e70-a34f-cad1cb5dde0b</title>
      <link>https://vulnerability.circl.lu/sighting/64832c6d-d30d-4e70-a34f-cad1cb5dde0b/export</link>
      <description>{"uuid": "64832c6d-d30d-4e70-a34f-cad1cb5dde0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55441", "type": "published-proof-of-concept", "source": "https://github.com/jdx/mise/security/advisories/GHSA-77g9-363w-rccq", "content": "", "creation_timestamp": "2026-06-12T15:56:47.000000Z"}</description>
      <content:encoded>{"uuid": "64832c6d-d30d-4e70-a34f-cad1cb5dde0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55441", "type": "published-proof-of-concept", "source": "https://github.com/jdx/mise/security/advisories/GHSA-77g9-363w-rccq", "content": "", "creation_timestamp": "2026-06-12T15:56:47.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/64832c6d-d30d-4e70-a34f-cad1cb5dde0b/export</guid>
      <pubDate>Fri, 12 Jun 2026 15:56:47 +0000</pubDate>
    </item>
  </channel>
</rss>
