https://vulnerability.circl.lu/sightings/feed 2026-05-08T22:10:32.830708+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/ac6d4719-0150-481e-a23d-eba6bd449996/export 2026-05-08T22:10:33.161487+00:00 Joseph Lee http://vulnerability.circl.lu/user/syspect {"uuid": "ac6d4719-0150-481e-a23d-eba6bd449996", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-4406", "type": "seen", "source": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-4406", "content": "", "creation_timestamp": "2026-04-07T15:16:05.000000Z"} 2026-04-07T15:16:05+00:00 https://vulnerability.circl.lu/sighting/8b91f481-cd44-4484-8e97-a35f48e76796/export 2026-05-08T22:10:33.161345+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "8b91f481-cd44-4484-8e97-a35f48e76796", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4406", "type": "published-proof-of-concept", "source": "Telegram/Wl9CrQOxsQx4KE-BWCuSJcJWoX1uryv_sC7BNGTK9kDjsYQ", "content": "", "creation_timestamp": "2026-04-07T21:00:05.000000Z"} 2026-04-07T21:00:05+00:00 https://vulnerability.circl.lu/sighting/726089a7-ec26-45b1-ba6b-6067132c4dd9/export 2026-05-08T22:10:33.161176+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "726089a7-ec26-45b1-ba6b-6067132c4dd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4406", "type": "published-proof-of-concept", "source": "Telegram/Mw0Ctk5qQ9M_cnnZZGiTkYGqKNeE1tbC3Cxhbxy9eIQ0t04", "content": "", "creation_timestamp": "2026-04-08T09:00:13.000000Z"} 2026-04-08T09:00:13+00:00 https://vulnerability.circl.lu/sighting/07a4ed5b-835b-45b6-a5a4-f63b28a3ea66/export 2026-05-08T22:10:33.160922+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "07a4ed5b-835b-45b6-a5a4-f63b28a3ea66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4406", "type": "seen", "source": "https://t.me/GithubRedTeam/79465", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-4406\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Hann1bl3L3ct3r\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a HTML\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-08 18:57:07\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nThe Gravity Forms plugin for WordPress (tested through version 2.9.28) is vulnerable to unauthenticated reflected cross-site scripting (XSS) via the `form_ids` parameter in the `gform_get_config` AJAX action.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-08T19:00:04.000000Z"} 2026-04-08T19:00:04+00:00 https://vulnerability.circl.lu/sighting/1bffd091-8390-49ce-a254-54ca51ed9f07/export 2026-05-08T22:10:33.157873+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "1bffd091-8390-49ce-a254-54ca51ed9f07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4406", "type": "seen", "source": "https://gist.github.com/yuenvision/33e265773f23f998158ce2703d2c43c7", "content": "", "creation_timestamp": "2026-04-17T22:49:36.000000Z"} 2026-04-17T22:49:36+00:00