Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-01T11:44:13.598669+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/cfbe9902-9872-4a82-8d3c-ad1d2a807646/export cfbe9902-9872-4a82-8d3c-ad1d2a807646 2026-06-01T11:44:13.970381+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "cfbe9902-9872-4a82-8d3c-ad1d2a807646", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-29200", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116515132214621660", "content": "\ud83d\udea8 CVE-2026-29200: CRITICAL IDOR in WebPros Comet Backup (20.11.0 \u2013 26.1.1, 26.2.1) lets tenant admins impersonate any end user on the server. No patch yet \u2014 restrict admin access and monitor for suspicious cross-tenant activity. https://radar.offseq.com/threat/cve-2026-29200-cwe-639-insecure-direct-object-refe-d3747bfb #OffSeq #infosec #CVE202629200", "creation_timestamp": "2026-05-04T07:30:25.921366Z"} 2026-05-04T07:30:25.921366+00:00 https://vulnerability.circl.lu/sighting/08159aad-0b0c-4bdc-a771-f3fd527ea78e/export 08159aad-0b0c-4bdc-a771-f3fd527ea78e 2026-06-01T11:44:13.970285+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "08159aad-0b0c-4bdc-a771-f3fd527ea78e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-29200", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mkz5ns63hh2o", "content": "CRITICAL: WebPros Comet Backup (20.11.0 \u2013 26.1.1, 26.2.1) has an IDOR flaw letting tenant admins impersonate end users across tenants. No patch yet \u2014 restrict admin rights & monitor activity. https://radar.offseq.com/threat/cve-2026-29200-cwe-639-insecure-direct-object-refe-d3747bfb #OffSeq #CVE2...", "creation_timestamp": "2026-05-04T07:30:28.016407Z"} 2026-05-04T07:30:28.016407+00:00 https://vulnerability.circl.lu/sighting/b70defb7-4d89-4df7-802d-4a31e363cb92/export b70defb7-4d89-4df7-802d-4a31e363cb92 2026-06-01T11:44:13.966621+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "b70defb7-4d89-4df7-802d-4a31e363cb92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29200", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mkzp7q7ikj2g", "content": "CVE-2026-29200: A 9.9 CVSS Comet Backup Flaw Granting Total Cross-Tenant Takeover", "creation_timestamp": "2026-05-04T12:44:43.271634Z"} 2026-05-04T12:44:43.271634+00:00