<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-05-24T18:46:51.750437+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the 10 most recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/70ff1d05-d37f-4591-ba86-51b8ef86bdac/export</id>
    <title>70ff1d05-d37f-4591-ba86-51b8ef86bdac</title>
    <updated>2026-05-24T18:46:51.761306+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "70ff1d05-d37f-4591-ba86-51b8ef86bdac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44578", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/84287", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a nextssrf\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a ynsmroztas\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 3  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-15 05:55:49\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nNextSSRF \u2014 CVE-2026-44578 Scanner &amp;amp; Exploit          \u2551 \u2551   Next.js WebSocket Upgrade Handler SSRF\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-15T06:00:04.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/70ff1d05-d37f-4591-ba86-51b8ef86bdac/export"/>
    <published>2026-05-15T06:00:04+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/0e5dbe12-4b5a-4f8f-be63-ca7509d15887/export</id>
    <title>0e5dbe12-4b5a-4f8f-be63-ca7509d15887</title>
    <updated>2026-05-24T18:46:51.761219+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "0e5dbe12-4b5a-4f8f-be63-ca7509d15887", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44578", "type": "published-proof-of-concept", "source": "Telegram/tjgrzpu_dxl6dwKI7zyqcFMKKJNj87hWK2Sc-mpFVOelTAw", "content": "", "creation_timestamp": "2026-05-15T09:00:04.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/0e5dbe12-4b5a-4f8f-be63-ca7509d15887/export"/>
    <published>2026-05-15T09:00:04+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/274c57fe-24ab-4137-bb3b-1fd742a30c3a/export</id>
    <title>274c57fe-24ab-4137-bb3b-1fd742a30c3a</title>
    <updated>2026-05-24T18:46:51.761140+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "274c57fe-24ab-4137-bb3b-1fd742a30c3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44578", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/javascript/cves/2026/CVE-2026-44578.yaml", "content": "", "creation_timestamp": "2026-05-15T19:59:08.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/274c57fe-24ab-4137-bb3b-1fd742a30c3a/export"/>
    <published>2026-05-15T19:59:08+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ca18eb0f-5454-467e-b9c1-2e94f999ec8b/export</id>
    <title>ca18eb0f-5454-467e-b9c1-2e94f999ec8b</title>
    <updated>2026-05-24T18:46:51.761058+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ca18eb0f-5454-467e-b9c1-2e94f999ec8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44578", "type": "published-proof-of-concept", "source": "Telegram/bDRsekGT6KsUOKSAQI-KSXDhypQzzgL-gjqbTcCXe2h_h6A", "content": "", "creation_timestamp": "2026-05-15T21:00:05.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ca18eb0f-5454-467e-b9c1-2e94f999ec8b/export"/>
    <published>2026-05-15T21:00:05+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/53861e9a-a51d-4f76-b77f-b1b7e15b823b/export</id>
    <title>53861e9a-a51d-4f76-b77f-b1b7e15b823b</title>
    <updated>2026-05-24T18:46:51.760958+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "53861e9a-a51d-4f76-b77f-b1b7e15b823b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44578", "type": "published-proof-of-concept", "source": "Telegram/8zfghiqhdMgUnQpN-sW_sONu8d5R6D_u0VHsC67HR3Je1Bs", "content": "", "creation_timestamp": "2026-05-16T15:00:07.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/53861e9a-a51d-4f76-b77f-b1b7e15b823b/export"/>
    <published>2026-05-16T15:00:07+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/45bb4918-4ac0-4a56-a630-032aa2e259bc/export</id>
    <title>45bb4918-4ac0-4a56-a630-032aa2e259bc</title>
    <updated>2026-05-24T18:46:51.760864+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "45bb4918-4ac0-4a56-a630-032aa2e259bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44578", "type": "seen", "source": "https://t.me/GithubRedTeam/84487", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-44578\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a 0xBlackash\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-16 17:47:13\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-44578\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-16T18:00:04.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/45bb4918-4ac0-4a56-a630-032aa2e259bc/export"/>
    <published>2026-05-16T18:00:04+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a72bc5fe-de3f-4d38-b324-0a96434fb8b9/export</id>
    <title>a72bc5fe-de3f-4d38-b324-0a96434fb8b9</title>
    <updated>2026-05-24T18:46:51.760779+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a72bc5fe-de3f-4d38-b324-0a96434fb8b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44578", "type": "published-proof-of-concept", "source": "Telegram/M2s3PphtTCD9brru-X6QMyPesFMqQlhfbVnnLWpusEfiV5g", "content": "", "creation_timestamp": "2026-05-16T21:00:04.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a72bc5fe-de3f-4d38-b324-0a96434fb8b9/export"/>
    <published>2026-05-16T21:00:04+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e4d2a062-f062-4c9a-86b9-77db71f47033/export</id>
    <title>e4d2a062-f062-4c9a-86b9-77db71f47033</title>
    <updated>2026-05-24T18:46:51.760660+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e4d2a062-f062-4c9a-86b9-77db71f47033", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44578", "type": "seen", "source": "https://gist.github.com/leedc0101/2125a81a4a6c9a3e8ceb67fea7454149", "content": "# Server-side request forgery in applications using WebSocket upgrades\n\n- \uc6d0\ubb38 \uc81c\ubaa9: Server-side request forgery in applications using WebSocket upgrades\n- \uc6d0\ubb38 \ub9c1\ud06c: https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\n- \ubc88\uc5ed\uc77c: 2026-05-17 KST\n\n## \ud55c\uad6d\uc5b4 \ubc88\uc5ed\n\nNext.js\uc758 \uc790\uccb4 \ud638\uc2a4\ud305 \uc560\ud50c\ub9ac\ucf00\uc774\uc158 \uc911, \uae30\ubcf8 Node.js \uc11c\ubc84\ub97c \uc0ac\uc6a9\ud558\uace0 WebSocket upgrade \uc694\uccad\uc744 \ubc1b\ub294 \uad6c\uc131\uc774 \uc11c\ubc84 \uc0ac\uc774\ub4dc \uc694\uccad \uc704\uc870(SSRF)\uc5d0 \ucde8\uc57d\ud560 \uc218 \uc788\ub2e4\ub294 \ubcf4\uc548 \uad8c\uace0\uac00 \uacf5\uac1c\ub410\ub2e4. \uacf5\uaca9\uc790\ub294 \uc870\uc791\ub41c WebSocket upgrade \uc694\uccad\uc744 \uc774\uc6a9\ud574 \uc11c\ubc84\uac00 \uc784\uc758\uc758 \ub0b4\ubd80 \ub610\ub294 \uc678\ubd80 \ubaa9\uc801\uc9c0\ub85c \uc694\uccad\uc744 \ud504\ub85d\uc2dc\ud558\ub3c4\ub85d \ub9cc\ub4e4 \uc218 \uc788\ub2e4. \uc774 \uacbd\uc6b0 \ub0b4\ubd80 \uc11c\ube44\uc2a4\ub098 \ud074\ub77c\uc6b0\ub4dc \uba54\ud0c0\ub370\uc774\ud130 \uc5d4\ub4dc\ud3ec\uc778\ud2b8\uac00 \ub178\ucd9c\ub420 \uc704\ud5d8\uc774 \uc788\ub2e4.\n\n\uc601\ud5a5\uc744 \ubc1b\ub294 \ud328\ud0a4\uc9c0\ub294 npm\uc758 `next`\uc774\uba70, \uc601\ud5a5 \ubc84\uc804\uc740 `&amp;gt;=13.4.13 &amp;lt;15.5.16` \uadf8\ub9ac\uace0 `&amp;gt;=16.0.0 &amp;lt;16.2.5`\ub2e4. \ud328\uce58 \ubc84\uc804\uc740 `15.5.16`, `16.2.5`\ub2e4. 
Vercel\uc5d0 \ubc30\ud3ec\ub41c \uc560\ud50c\ub9ac\ucf00\uc774\uc158\uc740 \uc601\ud5a5\uc744 \ubc1b\uc9c0 \uc54a\ub294\ub2e4\uace0 \uba85\uc2dc\ub418\uc5b4 \uc788\ub2e4. \ud575\uc2ec \ub9ac\uc2a4\ud06c\ub294 \u201c\uc790\uccb4 \ud638\uc2a4\ud305 + \ub0b4\uc7a5 Node.js \uc11c\ubc84 + WebSocket upgrade \ub178\ucd9c\u201d \uc870\ud569\uc774\ub2e4.\n\n\uc218\uc815 \uc0ac\ud56d\uc740 \uae30\uc874 \uc77c\ubc18 HTTP \uc694\uccad\uc5d0 \uc801\uc6a9\ub418\ub358 \uc548\uc804\uc131 \uac80\uc0ac\ub97c WebSocket upgrade \ucc98\ub9ac\uc5d0\ub3c4 \ub3d9\uc77c\ud558\uac8c \uc801\uc6a9\ud558\ub294 \uac83\uc774\ub2e4. \uc774\uc81c upgrade \uc694\uccad\uc740 \ub77c\uc6b0\ud305\uc774 \uba85\uc2dc\uc801\uc73c\ub85c \uc548\uc804\ud55c \uc678\ubd80 rewrite\ub85c \ud45c\uc2dc\ud55c \uacbd\uc6b0\uc5d0\ub9cc \ud504\ub85d\uc2dc\ub41c\ub2e4.\n\n\uc989\uc2dc \uc5c5\uadf8\ub808\uc774\ub4dc\ud560 \uc218 \uc5c6\ub2e4\uba74, origin \uc11c\ubc84\ub97c \uc2e0\ub8b0\ud560 \uc218 \uc5c6\ub294 \ub124\ud2b8\uc6cc\ud06c\uc5d0 \uc9c1\uc811 \ub178\ucd9c\ud558\uc9c0 \uc54a\ub294 \uac83\uc774 \uc6b0\uc120\uc774\ub2e4. WebSocket upgrade\uac00 \ud544\uc694 \uc5c6\ub2e4\uba74 reverse proxy \ub610\ub294 load balancer\uc5d0\uc11c \ud574\ub2f9 \uc694\uccad\uc744 \ucc28\ub2e8\ud55c\ub2e4. \ub610\ud55c origin \uc11c\ubc84\uac00 \ub0b4\ubd80\ub9dd\uc774\ub098 \ud074\ub77c\uc6b0\ub4dc \uba54\ud0c0\ub370\uc774\ud130 \uc11c\ube44\uc2a4\ub85c \uc790\uc720\ub86d\uac8c egress\ud558\uc9c0 \ubabb\ud558\ub3c4\ub85d \uc81c\ud55c\ud558\ub294 \ubc29\uc5b4\uac00 \ud544\uc694\ud558\ub2e4.\n\n\ucde8\uc57d\uc810\uc758 \uc2ec\uac01\ub3c4\ub294 High, CVSS 8.6\uc774\ub2e4. \uacf5\uaca9 \ubca1\ud130\ub294 \ub124\ud2b8\uc6cc\ud06c, \uacf5\uaca9 \ubcf5\uc7a1\ub3c4\ub294 \ub0ae\uace0, \uad8c\ud55c\uc774\ub098 \uc0ac\uc6a9\uc790 \uc0c1\ud638\uc791\uc6a9\uc774 \ud544\uc694 \uc5c6\ub2e4. \uae30\ubc00\uc131 \uc601\ud5a5\uc774 \ub192\uac8c \ud3c9\uac00\ub418\uc5b4 \uc788\ub2e4. 
CVE ID\ub294 `CVE-2026-44578`\uc774\ub2e4.\n\n\ud504\ub860\ud2b8\uc5d4\ub4dc \ud300 \uad00\uc810\uc5d0\uc11c\uc758 \uccb4\ud06c\ud3ec\uc778\ud2b8\ub294 \ub2e8\uc21c\ud558\ub2e4. Next.js\ub97c \uc790\uccb4 \ud638\uc2a4\ud305\ud55c\ub2e4\uba74 \ud604\uc7ac \ubc84\uc804\uc744 \ud655\uc778\ud558\uace0, \uac00\ub2a5\ud55c \ud55c `15.5.16` \ub610\ub294 `16.2.5` \uc774\uc0c1\uc73c\ub85c \uc62c\ub9b0\ub2e4. \ud2b9\ud788 Cloud Run, ECS, EC2, Kubernetes, bare Node \uc11c\ubc84\ucc98\ub7fc Vercel \ubc16\uc5d0\uc11c Next.js\ub97c \uc6b4\uc601\ud558\ub294 \ud300\uc740 WebSocket upgrade \uacbd\ub85c\uac00 \uc5f4\ub824 \uc788\ub294\uc9c0 reverse proxy \uc124\uc815\uae4c\uc9c0 \uac19\uc774 \ud655\uc778\ud574\uc57c \ud55c\ub2e4. \ubcf4\uc548 \ud328\uce58\ub294 \u201c\ud504\ub860\ud2b8 \ud504\ub808\uc784\uc6cc\ud06c \ubc84\uc804 \uc5c5\u201d\ucc98\ub7fc \ubcf4\uc5ec\ub3c4 \uc2e4\uc81c \uc601\ud5a5 \ubc94\uc704\ub294 \uc778\ud504\ub77c\uc640 \ub124\ud2b8\uc6cc\ud06c \uacbd\uacc4\uae4c\uc9c0 \uc774\uc5b4\uc9c4\ub2e4.\n", "creation_timestamp": "2026-05-17T01:29:38.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e4d2a062-f062-4c9a-86b9-77db71f47033/export"/>
    <published>2026-05-17T01:29:38+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/460b4e43-81b0-41e2-866f-19bd0d260969/export</id>
    <title>460b4e43-81b0-41e2-866f-19bd0d260969</title>
    <updated>2026-05-24T18:46:51.760532+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "460b4e43-81b0-41e2-866f-19bd0d260969", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44578", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mm3yt3zq6i2h", "content": "\ud83d\udccc CVE-2026-44578 - Next.js is a React framework for building full-stack web applications. From 13.4.13 to before 15.5.16 and 16.2.5, self-hosted applications using the b... https://www.cyberhub.blog/cves/CVE-2026-44578", "creation_timestamp": "2026-05-18T04:07:25.339719Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/460b4e43-81b0-41e2-866f-19bd0d260969/export"/>
    <published>2026-05-18T04:07:25.339719+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/921df47b-92ba-43ad-a242-565da6b8b640/export</id>
    <title>921df47b-92ba-43ad-a242-565da6b8b640</title>
    <updated>2026-05-24T18:46:51.759146+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "921df47b-92ba-43ad-a242-565da6b8b640", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44578", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/116608593313654495", "content": "https://horizon3.ai/attack-research/vulnerabilities/cve-2026-44578/\n\nCVE-2026-44578 is a High-severity server-side request forgery vulnerability affecting self-hosted Next.js applications that use the built-in Node.js server. The vulnerability exists in WebSocket upgrade request handling, where crafted requests can cause the server to proxy connections to arbitrary internal or external destinations. Vercel-hosted deployments are not affected.\n#fuckJavaScript", "creation_timestamp": "2026-05-20T19:38:49.158341Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/921df47b-92ba-43ad-a242-565da6b8b640/export"/>
    <published>2026-05-20T19:38:49.158341+00:00</published>
  </entry>
</feed>
