<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-14T21:24:49.841719+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/cf4a1f6d-7693-4d76-a9ee-c13ab361ec0a/export</id>
    <title>cf4a1f6d-7693-4d76-a9ee-c13ab361ec0a</title>
    <updated>2026-07-14T21:24:49.893434+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "cf4a1f6d-7693-4d76-a9ee-c13ab361ec0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41003", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3mombbn42ys2n", "content": "Spring Security\u3068Spring WS\u304cXSS\u30fbSSRF\u30fbXXE\u30fbBSP\u691c\u8a3c\u30d0\u30a4\u30d1\u30b9\u3092\u542b\u3080\u8907\u6570\u306e\u8106\u5f31\u6027\u3092\u4fee\u6b63(CVE-2026-41003,CVE-2026-40999)\u4ed6\nrocket-boys.co.jp/security-mea...\n\n#\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56Lab #security #securitynews", "creation_timestamp": "2026-06-19T02:11:28.280293Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/cf4a1f6d-7693-4d76-a9ee-c13ab361ec0a/export"/>
    <published>2026-06-19T02:11:28.280293+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/5df30ba5-8995-46d2-87fb-4165ad6a270f/export</id>
    <title>5df30ba5-8995-46d2-87fb-4165ad6a270f</title>
    <updated>2026-07-14T21:24:49.895605+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "5df30ba5-8995-46d2-87fb-4165ad6a270f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41001", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mofrmmqg672x", "content": "\ud83d\udd17 CVE : CVE-2026-41001, CVE-2026-41699, CVE-2026-41700, CVE-2026-41856", "creation_timestamp": "2026-06-16T12:15:14.515422Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/5df30ba5-8995-46d2-87fb-4165ad6a270f/export"/>
    <published>2026-06-16T12:15:14.515422+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/9fffe5ed-8ba1-480c-bc62-bae31f313652/export</id>
    <title>9fffe5ed-8ba1-480c-bc62-bae31f313652</title>
    <updated>2026-07-14T21:24:49.895723+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "9fffe5ed-8ba1-480c-bc62-bae31f313652", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41005", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moban2bf3u2c", "content": "\ud83d\udd34 CVE-2026-41005 - Critical (9)\n\nCloud Foundry UAA incorrectly treated XML encryption to the Service Provider (confidentiality) as...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41005/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-14T17:00:36.824456Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/9fffe5ed-8ba1-480c-bc62-bae31f313652/export"/>
    <published>2026-06-14T17:00:36.824456+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d65b94a5-e678-47df-bda4-331d2b7f03a7/export</id>
    <title>d65b94a5-e678-47df-bda4-331d2b7f03a7</title>
    <updated>2026-07-14T21:24:49.895820+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d65b94a5-e678-47df-bda4-331d2b7f03a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41000", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mnzaoi3n5f2d", "content": "\ud83d\udd17 CVE : CVE-2026-40985, CVE-2026-40986, CVE-2026-40987, CVE-2026-40992, CVE-2026-40994, CVE-2026-40995, CVE-2026-40996, CVE-2026-40997, CVE-2026-40998, CVE-2026-40999, CVE-2026-41000, CVE-2026-41862", "creation_timestamp": "2026-06-11T12:40:07.835921Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d65b94a5-e678-47df-bda4-331d2b7f03a7/export"/>
    <published>2026-06-11T12:40:07.835921+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/068170c2-12c0-4209-9416-dda11bc4b6bd/export</id>
    <title>068170c2-12c0-4209-9416-dda11bc4b6bd</title>
    <updated>2026-07-14T21:24:49.895908+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "068170c2-12c0-4209-9416-dda11bc4b6bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41001", "type": "seen", "source": "https://bsky.app/profile/0.5ritter.de/post/3mnyn2l2qo22u", "content": "Spring Boot 4.0.7 available now\n\nspring.io/blog/2026/06...\n\nThis release addresses the following CVEs:\n\n* CVE-2026-40992 \"Mail Auto-Configuration Does Not Enable SSL Hostname Verification\"\n* CVE-2026-41001 \"Predictable Temp Directory in Artemis Auto-configuration\"\n\n#java #spring #springboot", "creation_timestamp": "2026-06-11T06:49:09.603113Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/068170c2-12c0-4209-9416-dda11bc4b6bd/export"/>
    <published>2026-06-11T06:49:09.603113+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7bb0c5a9-cf5a-4783-8f0e-af09c2aaba79/export</id>
    <title>7bb0c5a9-cf5a-4783-8f0e-af09c2aaba79</title>
    <updated>2026-07-14T21:24:49.895998+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "7bb0c5a9-cf5a-4783-8f0e-af09c2aaba79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41001", "type": "seen", "source": "https://bsky.app/profile/0.5ritter.de/post/3mnymx7g2722u", "content": "Spring Boot 3.5.15 available now\n\nspring.io/blog/2026/06...\n\nThis release addresses the following CVEs:\n\n* CVE-2026-40992 \"Mail Auto-Configuration Does Not Enable SSL Hostname Verification\"\n* CVE-2026-41001 \"Predictable Temp Directory in Artemis Auto-configuration\"\n\n#java #spring #springboot", "creation_timestamp": "2026-06-11T06:47:07.173909Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7bb0c5a9-cf5a-4783-8f0e-af09c2aaba79/export"/>
    <published>2026-06-11T06:47:07.173909+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/2c325f98-8a13-40fc-9b6e-41de1c9626fa/export</id>
    <title>2c325f98-8a13-40fc-9b6e-41de1c9626fa</title>
    <updated>2026-07-14T21:24:49.896085+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "2c325f98-8a13-40fc-9b6e-41de1c9626fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41003", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnvt6vxdwr24", "content": "\ud83d\udfe0 CVE-2026-41003 - High (7.6)\n\nAn attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary cod...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41003/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-10T04:00:47.809658Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/2c325f98-8a13-40fc-9b6e-41de1c9626fa/export"/>
    <published>2026-06-10T04:00:47.809658+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/98262acb-bffa-421f-9758-401bc57f057e/export</id>
    <title>98262acb-bffa-421f-9758-401bc57f057e</title>
    <updated>2026-07-14T21:24:49.896170+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "98262acb-bffa-421f-9758-401bc57f057e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41006", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnttir6rsy26", "content": "\ud83d\udfe0 CVE-2026-41006 - High (7.5)\n\nSpring HATEOAS's internal PropertyUtils.createObjectFromProperties method, used by the Collection...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41006/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-09T09:00:58.807669Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/98262acb-bffa-421f-9758-401bc57f057e/export"/>
    <published>2026-06-09T09:00:58.807669+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/4026d5b8-3b1c-467a-a083-054b762af883/export</id>
    <title>4026d5b8-3b1c-467a-a083-054b762af883</title>
    <updated>2026-07-14T21:24:49.896268+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "4026d5b8-3b1c-467a-a083-054b762af883", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41007", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mntq6af5ab2n", "content": "\ud83d\udfe0 CVE-2026-41007 - High (7.5)\n\nSpring HATEOAS maintains an unbounded static cache of StringLinkRelation instances keyed on attac...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41007/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-09T08:01:23.707676Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/4026d5b8-3b1c-467a-a083-054b762af883/export"/>
    <published>2026-06-09T08:01:23.707676+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/aaff4eea-e638-4de2-a6e5-d54aac6b71bf/export</id>
    <title>aaff4eea-e638-4de2-a6e5-d54aac6b71bf</title>
    <updated>2026-07-14T21:24:49.896367+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "aaff4eea-e638-4de2-a6e5-d54aac6b71bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41009", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmt6mzraeh2k", "content": "CVE-2026-41009 - Local Blobstore may allow arbitrary reads/deletes\nCVE ID : CVE-2026-41009\n \n Published : May 27, 2026, 8:16 a.m. | 15\u00a0minutes ago\n \n Description : When the director sends a long-running request (e.g. compile_package), the agent's reply JSON is consumed by Agen...", "creation_timestamp": "2026-05-27T09:22:20.219393Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/aaff4eea-e638-4de2-a6e5-d54aac6b71bf/export"/>
    <published>2026-05-27T09:22:20.219393+00:00</published>
  </entry>
</feed>
