Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-15T21:10:10.155584+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/5d323a04-6b74-4c78-861e-e0311120e435/export 5d323a04-6b74-4c78-861e-e0311120e435 2026-06-15T21:10:10.577798+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "5d323a04-6b74-4c78-861e-e0311120e435", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10586", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mniyhk3bqm2d", "content": "HIGH severity SSRF in Gutenberg Essential Blocks (WordPress plugin) lets Authors+ send arbitrary server requests. No patch yet \u2014 restrict Author access & monitor activity. https://radar.offseq.com/threat/cve-2026-10586-cwe-918-server-side-request-forgery-f1206b69 #OffSeq #WordPress #SSRF", "creation_timestamp": "2026-06-05T01:30:28.744138Z"} 2026-06-05T01:30:28.744138+00:00 https://vulnerability.circl.lu/sighting/4244681f-08ee-4b77-9640-b485285c6212/export 4244681f-08ee-4b77-9640-b485285c6212 2026-06-15T21:10:10.577677+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "4244681f-08ee-4b77-9640-b485285c6212", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10586", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116694910594929909", "content": "\u26a0\ufe0f CVE-2026-10586: HIGH severity SSRF in Gutenberg Essential Blocks for WordPress (\u22646.1.3). Authors+ can send arbitrary server requests via save_ai_generated_image(). No patch yet \u2014 restrict access & monitor. https://radar.offseq.com/threat/cve-2026-10586-cwe-918-server-side-request-forgery-f1206b69 #OffSeq #WordPress #SSRF", "creation_timestamp": "2026-06-05T01:30:40.994823Z"} 2026-06-05T01:30:40.994823+00:00 https://vulnerability.circl.lu/sighting/587c84e6-830a-4859-b938-a3d787f8d28c/export 587c84e6-830a-4859-b938-a3d787f8d28c 2026-06-15T21:10:10.575586+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "587c84e6-830a-4859-b938-a3d787f8d28c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10586", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mnjhjxnha72r", "content": "Gutenberg Essential Blocks lets authenticated users make arbitrary web requests from your server. SSRF at 7.2/10 (CVE-2026-10586). They grab wp-config, internal APIs, cloud metadata. Update to 6.1.3 now. Scan your WordPress site: pulse-wp.com\n#WordPress #CVE #CyberSecurity", "creation_timestamp": "2026-06-05T06:00:15.181956Z"} 2026-06-05T06:00:15.181956+00:00