https://vulnerability.circl.lu/sightings/feed 2026-06-06T22:04:00.964816+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/7a92851a-9c08-43a3-bdac-1d07dbccd1f4/export 2026-06-06T22:04:01.320562+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "7a92851a-9c08-43a3-bdac-1d07dbccd1f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10737", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mngmztd3wh22", "content": "\ud83d\udfe0 CVE-2026-10737 - High (7.5)\n\nThe SP Project & Document Manager plugin for WordPress is vulnerable to unauthorized access due t...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-10737/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-04T03:00:37.918548Z"} 2026-06-04T03:00:37.918548+00:00 https://vulnerability.circl.lu/sighting/2f15848e-df81-484e-8900-dd61c3dfb7fb/export 2026-06-06T22:04:01.320473+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "2f15848e-df81-484e-8900-dd61c3dfb7fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10737", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mngzsdlxk324", "content": "CVE-2026-10737 - SP Project & Document Manager\nCVE ID : CVE-2026-10737\n \n Published : June 4, 2026, 2:16 a.m. | 4\u00a0hours, 16\u00a0minutes ago\n \n Description : The SP Project & Document Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability ...", "creation_timestamp": "2026-06-04T06:49:06.578209Z"} 2026-06-04T06:49:06.578209+00:00 https://vulnerability.circl.lu/sighting/9f10f0cc-9044-4644-8526-da0889cc1c01/export 2026-06-06T22:04:01.320394+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "9f10f0cc-9044-4644-8526-da0889cc1c01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10737", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mnircqmoxk26", "content": "Unauthenticated attackers can read arbitrary file metadata and grab download links via SP Project & Document Manager. CVE-2026-10737 (CVSS 7.5) exploits missing capability checks in versions \u22644.71. Update immediately to 4.71+ \u2192 pulse-wp.com\n#WordPress #CyberSecurity #InfoSec #CVE", "creation_timestamp": "2026-06-04T23:22:30.518304Z"} 2026-06-04T23:22:30.518304+00:00 https://vulnerability.circl.lu/sighting/c6c0b7bc-1e32-4ed7-989c-62834b85ce8a/export 2026-06-06T22:04:01.320305+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "c6c0b7bc-1e32-4ed7-989c-62834b85ce8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10737", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mnirmpxct22x", "content": "Unauthenticated attackers can download arbitrary files from SP Project & Document Manager via missing capability checks. CVE-2026-10737 (CVSS 7.5 HIGH). Affects all versions through 4.71. Update now \u2192 pulse-wp.com\n#WordPress #AccessControl #CyberSecurity", "creation_timestamp": "2026-06-04T23:28:06.432733Z"} 2026-06-04T23:28:06.432733+00:00 https://vulnerability.circl.lu/sighting/c8e3662b-2bd0-4249-b173-7cfbfb2a2637/export 2026-06-06T22:04:01.320222+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "c8e3662b-2bd0-4249-b173-7cfbfb2a2637", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10737", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mnirr3vfxi26", "content": "CVE-2026-10737. CVSS 7.5. SP Project & Document Manager leaks file metadata and download links to anyone. No auth needed. Your configs, backups, API keys exposed.\n\nUpdate to 4.71. now.\n\n\u2192 pulse-wp.com\n#WordPress #AccessControl #CyberSecurity", "creation_timestamp": "2026-06-04T23:30:32.096936Z"} 2026-06-04T23:30:32.096936+00:00 https://vulnerability.circl.lu/sighting/9a78e302-e89b-47e9-9786-cdc682625eb9/export 2026-06-06T22:04:01.320101+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "9a78e302-e89b-47e9-9786-cdc682625eb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10737", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mnirwyoxo42a", "content": "CVE-2026-10737. CVSS 7.5. SP Project & Document Manager leaks file metadata and download links to anyone. No auth needed. Your wp-config could be next.\n\nUpdate to 4.71. now. \u2192 pulse-wp.com\n#WordPress #AccessControl #CyberSecurity", "creation_timestamp": "2026-06-04T23:33:50.308809Z"} 2026-06-04T23:33:50.308809+00:00 https://vulnerability.circl.lu/sighting/45c11c26-00ab-4285-8525-265efa834fb5/export 2026-06-06T22:04:01.319928+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "45c11c26-00ab-4285-8525-265efa834fb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10737", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mnis7ahx5p2k", "content": "CVE-2026-10737. CVSS 7.5. SP Project & Document Manager leaks file metadata and download links to unauthenticated visitors. Your wp-config. Database backups. Client files. All exposed.\n\nUpdate to 4.71 now.\n\nScan your WordPress site: pulse-wp.com\n#WordPress #AccessControl #CyberSecurity", "creation_timestamp": "2026-06-04T23:38:26.800071Z"} 2026-06-04T23:38:26.800071+00:00 https://vulnerability.circl.lu/sighting/27bb9312-7bef-42f0-ae99-8556f00d921f/export 2026-06-06T22:04:01.317942+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "27bb9312-7bef-42f0-ae99-8556f00d921f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10737", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3mnisbxpsiv2l", "content": "CVE-2026-10737. CVSS 7.5. SP Project & Document Manager leaks file metadata and download links to anyone. No auth needed. Your wp-config could be next.\n\nUpdate to 4.71. now. \u2192 pulse-wp.com\n#WordPress #AccessControl #PotatoSecurity", "creation_timestamp": "2026-06-04T23:39:58.520689Z"} 2026-06-04T23:39:58.520689+00:00 https://vulnerability.circl.lu/sighting/6917f2ed-5e50-4526-824d-08bb7bb1bd05/export 2026-06-06T22:04:01.315193+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "6917f2ed-5e50-4526-824d-08bb7bb1bd05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10737", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mnj3tf3oaw2f", "content": "Top 3 CVE for last 7 days:\nCVE-2025-48595: 136 interactions\nCVE-2026-0257: 43 interactions\nCVE-2026-48778: 23 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-49858: 11 interactions\nCVE-2026-20230: 6 interactions\nCVE-2026-10737: 4 interactions\n", "creation_timestamp": "2026-06-05T02:30:48.004045Z"} 2026-06-05T02:30:48.004045+00:00