<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-10T02:12:23.897123+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/5ac64b2d-5a3b-4c85-abe1-671afebfe35b/export</id>
    <title>5ac64b2d-5a3b-4c85-abe1-671afebfe35b</title>
    <updated>2026-07-10T02:12:23.917023+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "5ac64b2d-5a3b-4c85-abe1-671afebfe35b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57155", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mq7p7dzj4i2d", "content": "OPNsense root RCE flaws are public with PoC code. CVE-2026-57155 (9.9) chains an arbitrary file write to root. Patch 26.1.11 or 26.4.1p1 now.\n\n#OPNsense #RootRCE #RCE #FirewallSecurity #CyberSecurity #Vulnerability #InfoSec #PoC", "creation_timestamp": "2026-07-09T13:06:27.015860Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/5ac64b2d-5a3b-4c85-abe1-671afebfe35b/export"/>
    <published>2026-07-09T13:06:27.015860+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/5fdc6027-4b07-4046-9acf-40697e115435/export</id>
    <title>5fdc6027-4b07-4046-9acf-40697e115435</title>
    <updated>2026-07-10T02:12:23.919614+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "5fdc6027-4b07-4046-9acf-40697e115435", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57155", "type": "seen", "source": "https://bsky.app/profile/diesec.bsky.social/post/3mq2h7kpxrk2h", "content": "CVE-2026-57155 (CVSS 9.9): OPNsense GeoIP alias bug lets a low-priv user hit root RCE via path traversal. 5th critical OPNsense CVE since May. Patch to 26.1.11 now.\u00a0\n\n\ud83c\uddec\ud83c\udde7 zurl.co/NbWxp\u00a0\n\ud83c\udde9\ud83c\uddea zurl.co/CFIqE \n\n#CyberSecurity #OPNsense #CVE", "creation_timestamp": "2026-07-07T11:00:05.341608Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/5fdc6027-4b07-4046-9acf-40697e115435/export"/>
    <published>2026-07-07T11:00:05.341608+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/806315ba-6dcd-441f-8a1e-f77fb086ba11/export</id>
    <title>806315ba-6dcd-441f-8a1e-f77fb086ba11</title>
    <updated>2026-07-10T02:12:23.919756+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "806315ba-6dcd-441f-8a1e-f77fb086ba11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57155", "type": "seen", "source": "https://bsky.app/profile/bestofhn.bsky.social/post/3mpm5rz56h52r", "content": "5 vulnerabilities in OPNsense including full RCE. Covers CVE-2026-57155 and four more issues.\n\nSubmit to upvote on HN\nhttps://news.ycombinator.com/submitlink?u=https%3A%2F%2Fhackerask.com%2Fposts%2Fopnsense%2F&amp;amp;t=Chasing%20the%20OPNsense%20RCE%3A%20The%20Story%20Behind%20My%20First%20CVEs", "creation_timestamp": "2026-07-01T18:34:11.007575Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/806315ba-6dcd-441f-8a1e-f77fb086ba11/export"/>
    <published>2026-07-01T18:34:11.007575+00:00</published>
  </entry>
</feed>
