<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-19T01:35:24.532712+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7b903441-67f1-4d13-9127-431d5e7bcbbe/export</id>
    <title>7b903441-67f1-4d13-9127-431d5e7bcbbe</title>
    <updated>2026-07-19T01:35:24.557244+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "7b903441-67f1-4d13-9127-431d5e7bcbbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40823", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmt7bfh4i42t", "content": "CVE-2026-40823 - Authenticated SQLi in DevSerialReset function\nCVE ID : CVE-2026-40823\n \n Published : May 27, 2026, 8:16 a.m. | 15\u00a0minutes ago\n \n Description : A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DevSerialReset fu...", "creation_timestamp": "2026-05-27T09:33:43.510035Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7b903441-67f1-4d13-9127-431d5e7bcbbe/export"/>
    <published>2026-05-27T09:33:43.510035+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f8880692-f82f-4c85-9d54-ed0ee7a55b45/export</id>
    <title>f8880692-f82f-4c85-9d54-ed0ee7a55b45</title>
    <updated>2026-07-19T01:35:24.560558+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f8880692-f82f-4c85-9d54-ed0ee7a55b45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40824", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmt66bwzwf2n", "content": "CVE-2026-40824 - Authenticated SQLi in accountstatus view\nCVE ID : CVE-2026-40824\n \n Published : May 27, 2026, 8:16 a.m. | 15\u00a0minutes ago\n \n Description : A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view use...", "creation_timestamp": "2026-05-27T09:14:05.594117Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f8880692-f82f-4c85-9d54-ed0ee7a55b45/export"/>
    <published>2026-05-27T09:14:05.594117+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/09ff5b84-7a54-4250-97e6-b9c25638f060/export</id>
    <title>09ff5b84-7a54-4250-97e6-b9c25638f060</title>
    <updated>2026-07-19T01:35:24.560724+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "09ff5b84-7a54-4250-97e6-b9c25638f060", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40825", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmt5wchvu42i", "content": "CVE-2026-40825 - Authenticated SQLi in accountstatus view\nCVE ID : CVE-2026-40825\n \n Published : May 27, 2026, 8:16 a.m. | 15\u00a0minutes ago\n \n Description : A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view dev...", "creation_timestamp": "2026-05-27T09:09:37.955231Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/09ff5b84-7a54-4250-97e6-b9c25638f060/export"/>
    <published>2026-05-27T09:09:37.955231+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/dfba5497-58bf-4cea-a0c8-500884818030/export</id>
    <title>dfba5497-58bf-4cea-a0c8-500884818030</title>
    <updated>2026-07-19T01:35:24.560838+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "dfba5497-58bf-4cea-a0c8-500884818030", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40821", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmt5spnx352o", "content": "CVE-2026-40821 - Authenticated SQLi in getAccountByID function\nCVE ID : CVE-2026-40821\n \n Published : May 27, 2026, 8:16 a.m. | 15\u00a0minutes ago\n \n Description : A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAccountByID fu...", "creation_timestamp": "2026-05-27T09:07:37.192180Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/dfba5497-58bf-4cea-a0c8-500884818030/export"/>
    <published>2026-05-27T09:07:37.192180+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3c4264e9-a8b8-4f30-8c78-271067f6564f/export</id>
    <title>3c4264e9-a8b8-4f30-8c78-271067f6564f</title>
    <updated>2026-07-19T01:35:24.560949+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3c4264e9-a8b8-4f30-8c78-271067f6564f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40822", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmt5pdzo272p", "content": "CVE-2026-40822 - Authenticated SQLi in DevSerialReset function\nCVE ID : CVE-2026-40822\n \n Published : May 27, 2026, 8:16 a.m. | 15\u00a0minutes ago\n \n Description : A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DevSerialReset fu...", "creation_timestamp": "2026-05-27T09:05:44.402135Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3c4264e9-a8b8-4f30-8c78-271067f6564f/export"/>
    <published>2026-05-27T09:05:44.402135+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/8eef51c2-f200-45fa-a226-8c2eda2cd5c9/export</id>
    <title>8eef51c2-f200-45fa-a226-8c2eda2cd5c9</title>
    <updated>2026-07-19T01:35:24.561053+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "8eef51c2-f200-45fa-a226-8c2eda2cd5c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40826", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmt5j6yajv2t", "content": "CVE-2026-40826 - Authenticated SQLi in dsgvo_contracts view\nCVE ID : CVE-2026-40826\n \n Published : May 27, 2026, 8:16 a.m. | 15\u00a0minutes ago\n \n Description : A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dsgvo_contracts view...", "creation_timestamp": "2026-05-27T09:02:17.744775Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/8eef51c2-f200-45fa-a226-8c2eda2cd5c9/export"/>
    <published>2026-05-27T09:02:17.744775+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a26cd386-c09e-4422-ab7f-54683f5fae9f/export</id>
    <title>a26cd386-c09e-4422-ab7f-54683f5fae9f</title>
    <updated>2026-07-19T01:35:24.561159+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a26cd386-c09e-4422-ab7f-54683f5fae9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-40825", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mmt5fyl4zu2m", "content": "SQL Injection alert: MB connect line mbCONNECT24 hit by HIGH severity vuln (CVE-2026-40825). No patch yet \u2014 restrict access &amp;amp; watch for updates. https://radar.offseq.com/threat/cve-2026-40825-cwe-89-improper-neutralization-of-s-0b1fbf64 #OffSeq #SQLInjection #Security", "creation_timestamp": "2026-05-27T09:00:31.071044Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a26cd386-c09e-4422-ab7f-54683f5fae9f/export"/>
    <published>2026-05-27T09:00:31.071044+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/72d7a640-5435-4a5d-ad3b-d6c9a65a26ae/export</id>
    <title>72d7a640-5435-4a5d-ad3b-d6c9a65a26ae</title>
    <updated>2026-07-19T01:35:24.561261+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "72d7a640-5435-4a5d-ad3b-d6c9a65a26ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-40825", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116645719441029051", "content": "\u26a0\ufe0f HIGH severity: CVE-2026-40825 in MB connect line mbCONNECT24. SQL Injection via accountstatus view devices param enables DB read/modify. No patch yet \u2014 restrict access &amp;amp; monitor vendor advisories. https://radar.offseq.com/threat/cve-2026-40825-cwe-89-improper-neutralization-of-s-0b1fbf64 #OffSeq #SQLInjection #Vuln #MBconnect", "creation_timestamp": "2026-05-27T09:00:29.144333Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/72d7a640-5435-4a5d-ad3b-d6c9a65a26ae/export"/>
    <published>2026-05-27T09:00:29.144333+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/edc7a1e0-3847-43e5-bbe9-46b7fa5cb9eb/export</id>
    <title>edc7a1e0-3847-43e5-bbe9-46b7fa5cb9eb</title>
    <updated>2026-07-19T01:35:24.561365+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "edc7a1e0-3847-43e5-bbe9-46b7fa5cb9eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40820", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/116645529147227087", "content": "#OT #Advisory VDE-2026-058Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual\nMultiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820\nhttps://certvde.com/en/advisories/vde-2026-058/\n#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json", "creation_timestamp": "2026-05-27T08:12:10.879544Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/edc7a1e0-3847-43e5-bbe9-46b7fa5cb9eb/export"/>
    <published>2026-05-27T08:12:10.879544+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/792a4777-dc9d-4a76-ba5d-f6ad3f43834f/export</id>
    <title>792a4777-dc9d-4a76-ba5d-f6ad3f43834f</title>
    <updated>2026-07-19T01:35:24.561470+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "792a4777-dc9d-4a76-ba5d-f6ad3f43834f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40821", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/116645529147227087", "content": "#OT #Advisory VDE-2026-058Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual\nMultiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820\nhttps://certvde.com/en/advisories/vde-2026-058/\n#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json", "creation_timestamp": "2026-05-27T08:12:10.747948Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/792a4777-dc9d-4a76-ba5d-f6ad3f43834f/export"/>
    <published>2026-05-27T08:12:10.747948+00:00</published>
  </entry>
</feed>
