<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Wed, 15 Jul 2026 14:55:01 +0000</lastBuildDate>
    <item>
      <title>5ba22fe6-b6cd-4086-9c43-b3ba53ae21c9</title>
      <link>https://vulnerability.circl.lu/sighting/5ba22fe6-b6cd-4086-9c43-b3ba53ae21c9/export</link>
      <description>{"uuid": "5ba22fe6-b6cd-4086-9c43-b3ba53ae21c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-62327", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqkvmuflp22f", "content": "decolua 9Router \u22640.4.41 has a CRITICAL flaw: unauthenticated access to /api/usage/stats leaks all connected AI API keys &amp;amp; usage. Restrict endpoint or add authentication ASAP. https://radar.offseq.com/threat/cve-2026-62327-missing-authentication-for-critical-4c8f1eac7b8172c7 #OffSeq #CVE #APIsecurity", "creation_timestamp": "2026-07-14T00:00:40.472306Z"}</description>
      <content:encoded>{"uuid": "5ba22fe6-b6cd-4086-9c43-b3ba53ae21c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-62327", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqkvmuflp22f", "content": "decolua 9Router \u22640.4.41 has a CRITICAL flaw: unauthenticated access to /api/usage/stats leaks all connected AI API keys &amp;amp; usage. Restrict endpoint or add authentication ASAP. https://radar.offseq.com/threat/cve-2026-62327-missing-authentication-for-critical-4c8f1eac7b8172c7 #OffSeq #CVE #APIsecurity", "creation_timestamp": "2026-07-14T00:00:40.472306Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/5ba22fe6-b6cd-4086-9c43-b3ba53ae21c9/export</guid>
      <pubDate>Tue, 14 Jul 2026 00:00:40 +0000</pubDate>
    </item>
    <item>
      <title>e391303e-6377-4dcc-a5c2-d2c751a5728b</title>
      <link>https://vulnerability.circl.lu/sighting/e391303e-6377-4dcc-a5c2-d2c751a5728b/export</link>
      <description>{"uuid": "e391303e-6377-4dcc-a5c2-d2c751a5728b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-62327", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116915387588740902", "content": "CVE-2026-62327 (CRITICAL): decolua 9Router \u22640.4.41 exposes plaintext API keys &amp;amp; usage stats via unauthenticated /api/usage/stats. No patch yet \u2014 restrict access or add auth controls. Details: https://radar.offseq.com/threat/cve-2026-62327-missing-authentication-for-critical-4c8f1eac7b8172c7 #OffSeq #CVE #APIsecurity #Vuln", "creation_timestamp": "2026-07-14T00:00:38.703535Z"}</description>
      <content:encoded>{"uuid": "e391303e-6377-4dcc-a5c2-d2c751a5728b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-62327", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116915387588740902", "content": "CVE-2026-62327 (CRITICAL): decolua 9Router \u22640.4.41 exposes plaintext API keys &amp;amp; usage stats via unauthenticated /api/usage/stats. No patch yet \u2014 restrict access or add auth controls. Details: https://radar.offseq.com/threat/cve-2026-62327-missing-authentication-for-critical-4c8f1eac7b8172c7 #OffSeq #CVE #APIsecurity #Vuln", "creation_timestamp": "2026-07-14T00:00:38.703535Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e391303e-6377-4dcc-a5c2-d2c751a5728b/export</guid>
      <pubDate>Tue, 14 Jul 2026 00:00:38 +0000</pubDate>
    </item>
    <item>
      <title>0a192d44-d4d6-47ef-ad68-09340a96cd09</title>
      <link>https://vulnerability.circl.lu/sighting/0a192d44-d4d6-47ef-ad68-09340a96cd09/export</link>
      <description>{"uuid": "0a192d44-d4d6-47ef-ad68-09340a96cd09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-62327", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqkslpine22x", "content": "CVE-2026-62327 - 9Router 0.4.41 - Unauthenticated API Key Exposure via /api/usage/stats\nCVE ID : CVE-2026-62327\n \n Published : July 13, 2026, 9:37 p.m. | 14\u00a0minutes ago\n \n Description : 9Router through version 0.4.41 contain an unauthenticated information disclosure vulnerabil...", "creation_timestamp": "2026-07-13T23:06:19.801872Z"}</description>
      <content:encoded>{"uuid": "0a192d44-d4d6-47ef-ad68-09340a96cd09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-62327", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqkslpine22x", "content": "CVE-2026-62327 - 9Router 0.4.41 - Unauthenticated API Key Exposure via /api/usage/stats\nCVE ID : CVE-2026-62327\n \n Published : July 13, 2026, 9:37 p.m. | 14\u00a0minutes ago\n \n Description : 9Router through version 0.4.41 contain an unauthenticated information disclosure vulnerabil...", "creation_timestamp": "2026-07-13T23:06:19.801872Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0a192d44-d4d6-47ef-ad68-09340a96cd09/export</guid>
      <pubDate>Mon, 13 Jul 2026 23:06:19 +0000</pubDate>
    </item>
    <item>
      <title>82c37dbb-f8a2-4555-86f6-1529212d0a44</title>
      <link>https://vulnerability.circl.lu/sighting/82c37dbb-f8a2-4555-86f6-1529212d0a44/export</link>
      <description>{"uuid": "82c37dbb-f8a2-4555-86f6-1529212d0a44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-62327", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqkogyu3uw2v", "content": "CVE-2026-62327 - 9router\nThe 9Router software up to version 0.4.41 allows anyone to access sensitive API keys for connected AI services without needing a password. This is a serious issue because attackers\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#9router #decolua #CVE #infosec", "creation_timestamp": "2026-07-13T21:52:06.517905Z"}</description>
      <content:encoded>{"uuid": "82c37dbb-f8a2-4555-86f6-1529212d0a44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-62327", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqkogyu3uw2v", "content": "CVE-2026-62327 - 9router\nThe 9Router software up to version 0.4.41 allows anyone to access sensitive API keys for connected AI services without needing a password. This is a serious issue because attackers\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#9router #decolua #CVE #infosec", "creation_timestamp": "2026-07-13T21:52:06.517905Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/82c37dbb-f8a2-4555-86f6-1529212d0a44/export</guid>
      <pubDate>Mon, 13 Jul 2026 21:52:06 +0000</pubDate>
    </item>
  </channel>
</rss>
