<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-03T21:42:37.007286+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a363f446-8237-4a3c-bdd0-9835bd651a67/export</id>
    <title>a363f446-8237-4a3c-bdd0-9835bd651a67</title>
    <updated>2026-07-03T21:42:37.028058+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a363f446-8237-4a3c-bdd0-9835bd651a67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5524", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mpriufaj6y2u", "content": "CVE-2026-5524\nThe Divi Form Builder plugin for WordPress allows hackers to upload malicious files to the website, which can be used to take control of the site. This is a serious security risk that affects all versions of the\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-03T21:35:39.684753Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a363f446-8237-4a3c-bdd0-9835bd651a67/export"/>
    <published>2026-07-03T21:35:39.684753+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/2a8f223f-352e-4e74-812b-6ecde720ba65/export</id>
    <title>2a8f223f-352e-4e74-812b-6ecde720ba65</title>
    <updated>2026-07-03T21:42:37.029596+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "2a8f223f-352e-4e74-812b-6ecde720ba65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5524", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mppnlm5eck2m", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-5524 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 Divi Form Builder: \u0443\u0433\u0440\u043e\u0437\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0432 WordPress\n\n\n\nhttps://kripta.biz/posts/08F7D531-1ECB-4A9B-A0C6-8E8837A63595", "creation_timestamp": "2026-07-03T03:54:54.211492Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/2a8f223f-352e-4e74-812b-6ecde720ba65/export"/>
    <published>2026-07-03T03:54:54.211492+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b879054f-9fa6-4ec3-b1bd-53c36013ed46/export</id>
    <title>b879054f-9fa6-4ec3-b1bd-53c36013ed46</title>
    <updated>2026-07-03T21:42:37.029692+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b879054f-9fa6-4ec3-b1bd-53c36013ed46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5524", "type": "seen", "source": "https://bsky.app/profile/bootintel.bsky.social/post/3mpot3pwt7u2b", "content": "CVE-2026-5524 [CRITICAL] nginx\n\nThe Divi Form Builder plugin for WordPress is vulnerable to Arbitrary File Upload leading to Remote Code Execution in all versions up to and including 5.1.8. This is due to insufficient file extension validation in th\u2026\n\nnvd.nist.gov/vuln/detail/CVE-2026-5524", "creation_timestamp": "2026-07-02T20:00:44.466974Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b879054f-9fa6-4ec3-b1bd-53c36013ed46/export"/>
    <published>2026-07-02T20:00:44.466974+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f55c71f3-0d56-4dd7-b44f-15f253abb59d/export</id>
    <title>f55c71f3-0d56-4dd7-b44f-15f253abb59d</title>
    <updated>2026-07-03T21:42:37.029763+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f55c71f3-0d56-4dd7-b44f-15f253abb59d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5524", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mpo5c24aet2x", "content": "Divi Form Builder &amp;lt;=5.1.8 hit by CRITICAL RCE flaw \u2014 unauthenticated attackers can upload executable PHP files due to weak validation. Restrict uploads, monitor for patches. \ud83d\udd12 https://radar.offseq.com/threat/cve-2026-5524-cwe-434-unrestricted-upload-of-file--ef397843e92862b0 #OffSeq #WordPress #S...", "creation_timestamp": "2026-07-02T13:30:34.641050Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f55c71f3-0d56-4dd7-b44f-15f253abb59d/export"/>
    <published>2026-07-02T13:30:34.641050+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/58a625d1-32e9-4303-8ca7-ed18ea338271/export</id>
    <title>58a625d1-32e9-4303-8ca7-ed18ea338271</title>
    <updated>2026-07-03T21:42:37.029831+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "58a625d1-32e9-4303-8ca7-ed18ea338271", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5524", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116850624546842014", "content": "CVE-2026-5524: Divi Form Builder &amp;lt;=5.1.8 has a CRITICAL file upload vuln (CVSS 9.8). Unauth RCE possible via PHP extensions not blocked by .htaccess, esp. on Nginx. Restrict uploads, monitor for patch. https://radar.offseq.com/threat/cve-2026-5524-cwe-434-unrestricted-upload-of-file--ef397843e92862b0 #OffSeq #WordPress #Infosec #CVE2026_5524", "creation_timestamp": "2026-07-02T13:30:32.505483Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/58a625d1-32e9-4303-8ca7-ed18ea338271/export"/>
    <published>2026-07-02T13:30:32.505483+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/79b86cb0-66eb-402d-8cdd-5da0a4ba7a64/export</id>
    <title>79b86cb0-66eb-402d-8cdd-5da0a4ba7a64</title>
    <updated>2026-07-03T21:42:37.029898+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "79b86cb0-66eb-402d-8cdd-5da0a4ba7a64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55249", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpnl5nomc72l", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-55249 \u0432 @rtk-ai/rtk-rewrite: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/AEF0C20A-FB7C-4FBC-B843-DB2B35CCC1C0", "creation_timestamp": "2026-07-02T08:05:59.588028Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/79b86cb0-66eb-402d-8cdd-5da0a4ba7a64/export"/>
    <published>2026-07-02T08:05:59.588028+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e18541a4-118c-448c-bd58-727d17b1d482/export</id>
    <title>e18541a4-118c-448c-bd58-727d17b1d482</title>
    <updated>2026-07-03T21:42:37.029966+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e18541a4-118c-448c-bd58-727d17b1d482", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55249", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moybmxdeit2j", "content": "CVE-2026-55249 - @rtk-ai/rtk-rewrite: OpenClaw Rewrite Plugin Command Injection via execSync Template String\nCVE ID : CVE-2026-55249\n \n Published : June 23, 2026, 6:33 p.m. | 1\u00a0hour, 10\u00a0minutes ago\n \n Description : @rtk-ai/rtk-rewrite transparently rewrites shell commands exec...", "creation_timestamp": "2026-06-23T20:49:40.723172Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e18541a4-118c-448c-bd58-727d17b1d482/export"/>
    <published>2026-06-23T20:49:40.723172+00:00</published>
  </entry>
</feed>
