<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sat, 18 Jul 2026 10:08:47 +0000</lastBuildDate>
    <item>
      <title>cb5073df-4ff9-4acc-8a22-8b5153d56d41</title>
      <link>https://vulnerability.circl.lu/sighting/cb5073df-4ff9-4acc-8a22-8b5153d56d41/export</link>
      <description>{"uuid": "cb5073df-4ff9-4acc-8a22-8b5153d56d41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56765", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqgm7kzfna2w", "content": "\ud83d\udd34 CVE-2026-56765 - Critical (9.8)\n\nVikunja before 2.2.1 contains an authorization flaw where the LinkSharing.ReadAll endpoint expose...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-56765/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-12T07:01:31.241078Z"}</description>
      <content:encoded>{"uuid": "cb5073df-4ff9-4acc-8a22-8b5153d56d41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56765", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqgm7kzfna2w", "content": "\ud83d\udd34 CVE-2026-56765 - Critical (9.8)\n\nVikunja before 2.2.1 contains an authorization flaw where the LinkSharing.ReadAll endpoint expose...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-56765/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-12T07:01:31.241078Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/cb5073df-4ff9-4acc-8a22-8b5153d56d41/export</guid>
      <pubDate>Sun, 12 Jul 2026 07:01:31 +0000</pubDate>
    </item>
    <item>
      <title>38b8e404-9ee4-4f16-a622-297c2cb06190</title>
      <link>https://vulnerability.circl.lu/sighting/38b8e404-9ee4-4f16-a622-297c2cb06190/export</link>
      <description>{"uuid": "38b8e404-9ee4-4f16-a622-297c2cb06190", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56763", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqezy366wt2e", "content": "CVE-2026-56763 - Hono - Prototype Pollution via __proto__ Key in parseBody with dot Option\nCVE ID : CVE-2026-56763\n \n Published : July 11, 2026, 2:16 p.m. | 1\u00a0hour, 8\u00a0minutes ago\n \n Description : Hono before 4.12.7 allows __proto__ key in parseBody with dot option enabled, per...", "creation_timestamp": "2026-07-11T16:02:32.198290Z"}</description>
      <content:encoded>{"uuid": "38b8e404-9ee4-4f16-a622-297c2cb06190", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56763", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqezy366wt2e", "content": "CVE-2026-56763 - Hono - Prototype Pollution via __proto__ Key in parseBody with dot Option\nCVE ID : CVE-2026-56763\n \n Published : July 11, 2026, 2:16 p.m. | 1\u00a0hour, 8\u00a0minutes ago\n \n Description : Hono before 4.12.7 allows __proto__ key in parseBody with dot option enabled, per...", "creation_timestamp": "2026-07-11T16:02:32.198290Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/38b8e404-9ee4-4f16-a622-297c2cb06190/export</guid>
      <pubDate>Sat, 11 Jul 2026 16:02:32 +0000</pubDate>
    </item>
    <item>
      <title>e14d5609-fbfb-47f4-9dc8-c7eabbe9cc17</title>
      <link>https://vulnerability.circl.lu/sighting/e14d5609-fbfb-47f4-9dc8-c7eabbe9cc17/export</link>
      <description>{"uuid": "e14d5609-fbfb-47f4-9dc8-c7eabbe9cc17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56763", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqevjxoudi2f", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-56763 \u0432 Hono: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/12D46BBB-B2FF-4552-96D2-06EAFCD4DC2E", "creation_timestamp": "2026-07-11T14:43:03.835883Z"}</description>
      <content:encoded>{"uuid": "e14d5609-fbfb-47f4-9dc8-c7eabbe9cc17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56763", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqevjxoudi2f", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-56763 \u0432 Hono: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/12D46BBB-B2FF-4552-96D2-06EAFCD4DC2E", "creation_timestamp": "2026-07-11T14:43:03.835883Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e14d5609-fbfb-47f4-9dc8-c7eabbe9cc17/export</guid>
      <pubDate>Sat, 11 Jul 2026 14:43:03 +0000</pubDate>
    </item>
    <item>
      <title>56c705d5-f39b-4b69-939e-a204dcc634cb</title>
      <link>https://vulnerability.circl.lu/sighting/56c705d5-f39b-4b69-939e-a204dcc634cb/export</link>
      <description>{"uuid": "56c705d5-f39b-4b69-939e-a204dcc634cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56765", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqcltiwe322h", "content": "CVE-2026-56765\nVikunja, a task management software, has a security flaw that lets unauthorized users access sensitive share links and attachments. This could lead to unauthorized access to confidential files and data. To fix\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-10T16:44:06.910792Z"}</description>
      <content:encoded>{"uuid": "56c705d5-f39b-4b69-939e-a204dcc634cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56765", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqcltiwe322h", "content": "CVE-2026-56765\nVikunja, a task management software, has a security flaw that lets unauthorized users access sensitive share links and attachments. This could lead to unauthorized access to confidential files and data. To fix\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-10T16:44:06.910792Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/56c705d5-f39b-4b69-939e-a204dcc634cb/export</guid>
      <pubDate>Fri, 10 Jul 2026 16:44:06 +0000</pubDate>
    </item>
    <item>
      <title>a6ff268e-a927-4512-a96b-cb8f3e758e4d</title>
      <link>https://vulnerability.circl.lu/sighting/a6ff268e-a927-4512-a96b-cb8f3e758e4d/export</link>
      <description>{"uuid": "a6ff268e-a927-4512-a96b-cb8f3e758e4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56768", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp5m2eudfs2p", "content": "CVE-2026-56768 - Seahub\nCVE ID : CVE-2026-56768\n \n Published : June 25, 2026, 6:05 p.m. | 3\u00a0hours, 6\u00a0minutes ago\n \n Description : Seahub before 13.0.23 does not enforce SHARE_LINK_LOGIN_REQUIRED on GET /api/v2.1/share-link-zip-task/, allowing unauthenticated users to bypass au...", "creation_timestamp": "2026-06-25T23:39:27.379885Z"}</description>
      <content:encoded>{"uuid": "a6ff268e-a927-4512-a96b-cb8f3e758e4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56768", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp5m2eudfs2p", "content": "CVE-2026-56768 - Seahub\nCVE ID : CVE-2026-56768\n \n Published : June 25, 2026, 6:05 p.m. | 3\u00a0hours, 6\u00a0minutes ago\n \n Description : Seahub before 13.0.23 does not enforce SHARE_LINK_LOGIN_REQUIRED on GET /api/v2.1/share-link-zip-task/, allowing unauthenticated users to bypass au...", "creation_timestamp": "2026-06-25T23:39:27.379885Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a6ff268e-a927-4512-a96b-cb8f3e758e4d/export</guid>
      <pubDate>Thu, 25 Jun 2026 23:39:27 +0000</pubDate>
    </item>
    <item>
      <title>3b72349d-419e-4104-8ccd-ff0f9fccf6ca</title>
      <link>https://vulnerability.circl.lu/sighting/3b72349d-419e-4104-8ccd-ff0f9fccf6ca/export</link>
      <description>{"uuid": "3b72349d-419e-4104-8ccd-ff0f9fccf6ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56766", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp5lrgeajq2a", "content": "CVE-2026-56766 - Hydra - Stack Buffer Overflow in NTLM Authentication Handler\nCVE ID : CVE-2026-56766\n \n Published : June 25, 2026, 6:01 p.m. | 3\u00a0hours, 10\u00a0minutes ago\n \n Description : Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authent...", "creation_timestamp": "2026-06-25T23:34:26.863909Z"}</description>
      <content:encoded>{"uuid": "3b72349d-419e-4104-8ccd-ff0f9fccf6ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56766", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp5lrgeajq2a", "content": "CVE-2026-56766 - Hydra - Stack Buffer Overflow in NTLM Authentication Handler\nCVE ID : CVE-2026-56766\n \n Published : June 25, 2026, 6:01 p.m. | 3\u00a0hours, 10\u00a0minutes ago\n \n Description : Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authent...", "creation_timestamp": "2026-06-25T23:34:26.863909Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3b72349d-419e-4104-8ccd-ff0f9fccf6ca/export</guid>
      <pubDate>Thu, 25 Jun 2026 23:34:26 +0000</pubDate>
    </item>
    <item>
      <title>9491a291-17cb-42e4-b639-1b25b6e9c985</title>
      <link>https://vulnerability.circl.lu/sighting/9491a291-17cb-42e4-b639-1b25b6e9c985/export</link>
      <description>{"uuid": "9491a291-17cb-42e4-b639-1b25b6e9c985", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56767", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp5kc6oyzd27", "content": "CVE-2026-56767 - Maxun\nCVE ID : CVE-2026-56767\n \n Published : June 25, 2026, 6:03 p.m. | 3\u00a0hours, 7\u00a0minutes ago\n \n Description : Maxun before 0.0.42 contains a cross-tenant insecure direct object reference vulnerability in storage and webhook API handlers that allows authentic...", "creation_timestamp": "2026-06-25T23:08:01.644372Z"}</description>
      <content:encoded>{"uuid": "9491a291-17cb-42e4-b639-1b25b6e9c985", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56767", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp5kc6oyzd27", "content": "CVE-2026-56767 - Maxun\nCVE ID : CVE-2026-56767\n \n Published : June 25, 2026, 6:03 p.m. | 3\u00a0hours, 7\u00a0minutes ago\n \n Description : Maxun before 0.0.42 contains a cross-tenant insecure direct object reference vulnerability in storage and webhook API handlers that allows authentic...", "creation_timestamp": "2026-06-25T23:08:01.644372Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/9491a291-17cb-42e4-b639-1b25b6e9c985/export</guid>
      <pubDate>Thu, 25 Jun 2026 23:08:01 +0000</pubDate>
    </item>
    <item>
      <title>225eb88c-ffa5-40c9-b71f-343fa60e23c4</title>
      <link>https://vulnerability.circl.lu/sighting/225eb88c-ffa5-40c9-b71f-343fa60e23c4/export</link>
      <description>{"uuid": "225eb88c-ffa5-40c9-b71f-343fa60e23c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56769", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp5k4slih62z", "content": "CVE-2026-56769 - Huly Platform - Server-Side Request Forgery via /import Endpoint\nCVE ID : CVE-2026-56769\n \n Published : June 25, 2026, 6:05 p.m. | 3\u00a0hours, 5\u00a0minutes ago\n \n Description : Huly Platform before commit 68cbf8a contains an authenticated server-side request forgery...", "creation_timestamp": "2026-06-25T23:05:01.434525Z"}</description>
      <content:encoded>{"uuid": "225eb88c-ffa5-40c9-b71f-343fa60e23c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56769", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp5k4slih62z", "content": "CVE-2026-56769 - Huly Platform - Server-Side Request Forgery via /import Endpoint\nCVE ID : CVE-2026-56769\n \n Published : June 25, 2026, 6:05 p.m. | 3\u00a0hours, 5\u00a0minutes ago\n \n Description : Huly Platform before commit 68cbf8a contains an authenticated server-side request forgery...", "creation_timestamp": "2026-06-25T23:05:01.434525Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/225eb88c-ffa5-40c9-b71f-343fa60e23c4/export</guid>
      <pubDate>Thu, 25 Jun 2026 23:05:01 +0000</pubDate>
    </item>
    <item>
      <title>4650687e-a8d1-4862-8ae7-b14c761853a7</title>
      <link>https://vulnerability.circl.lu/sighting/4650687e-a8d1-4862-8ae7-b14c761853a7/export</link>
      <description>{"uuid": "4650687e-a8d1-4862-8ae7-b14c761853a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56761", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp23unyhat2i", "content": "CVE-2026-56761 - hono - HTML Injection via Improper JSX Attribute Name Handling in SSR\nCVE ID : CVE-2026-56761\n \n Published : June 24, 2026, 11:53 a.m. | 1\u00a0hour, 51\u00a0minutes ago\n \n Description : hono before 4.12.14 contains an html injection vulnerability in jsx server-side ren...", "creation_timestamp": "2026-06-24T14:11:56.527824Z"}</description>
      <content:encoded>{"uuid": "4650687e-a8d1-4862-8ae7-b14c761853a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56761", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp23unyhat2i", "content": "CVE-2026-56761 - hono - HTML Injection via Improper JSX Attribute Name Handling in SSR\nCVE ID : CVE-2026-56761\n \n Published : June 24, 2026, 11:53 a.m. | 1\u00a0hour, 51\u00a0minutes ago\n \n Description : hono before 4.12.14 contains an html injection vulnerability in jsx server-side ren...", "creation_timestamp": "2026-06-24T14:11:56.527824Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/4650687e-a8d1-4862-8ae7-b14c761853a7/export</guid>
      <pubDate>Wed, 24 Jun 2026 14:11:56 +0000</pubDate>
    </item>
    <item>
      <title>8a9d627b-f6d5-4e34-bcd4-68de5c247e0d</title>
      <link>https://vulnerability.circl.lu/sighting/8a9d627b-f6d5-4e34-bcd4-68de5c247e0d/export</link>
      <description>{"uuid": "8a9d627b-f6d5-4e34-bcd4-68de5c247e0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5676", "type": "published-proof-of-concept", "source": "Telegram/MEpsfFR7A3mQ2dGKH0pRdtzvADr6R8o0dal6eRm_pMO8wsk", "content": "", "creation_timestamp": "2026-04-06T21:20:35.000000Z"}</description>
      <content:encoded>{"uuid": "8a9d627b-f6d5-4e34-bcd4-68de5c247e0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5676", "type": "published-proof-of-concept", "source": "Telegram/MEpsfFR7A3mQ2dGKH0pRdtzvADr6R8o0dal6eRm_pMO8wsk", "content": "", "creation_timestamp": "2026-04-06T21:20:35.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/8a9d627b-f6d5-4e34-bcd4-68de5c247e0d/export</guid>
      <pubDate>Mon, 06 Apr 2026 21:20:35 +0000</pubDate>
    </item>
  </channel>
</rss>
