https://vulnerability.circl.lu/sightings/feed 2026-06-29T15:33:35.792245+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/da79f413-8742-41be-9185-3cf580335b57/export 2026-06-29T15:33:35.811916+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "da79f413-8742-41be-9185-3cf580335b57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10646", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mpfphxar7f26", "content": "Daily IT Security Digest \u2014 2026-06-29\nSystem (CVSS 6.9). Tenda JD12L routers have a HIGH severity stack buffer overflow (CVE-2026-13517, CVSS ~7.5) exploitable remotely. Meanwhile, Zephyr RTOS 4.0.0\u20134.4.0 has CVE-2026-10646 (CVSS 7.4), a use-after-free in getaddrinfo().", "creation_timestamp": "2026-06-29T05:02:01.919234Z"} 2026-06-29T05:02:01.919234+00:00 https://vulnerability.circl.lu/sighting/7aa1ca41-e660-41ae-8747-8567e90f9385/export 2026-06-29T15:33:35.814107+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "7aa1ca41-e660-41ae-8747-8567e90f9385", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10646", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mpdfhoopcg2d", "content": "Zephyr v4.0.0-v4.4.0\u306egetaddrinfo()\u5b9f\u88c5\u306b\u3001DNS\u30af\u30a8\u30ea\u3067\u30b9\u30bf\u30c3\u30af\u9818\u57df\u3092\u8aa4\u3063\u3066\u4f7f\u7528\u3059\u308b\u8106\u5f31\u6027\u304c\u3042\u308b\u3002\u653b\u6483\u8005\u306f\u3053\u308c\u3092\u5229\u7528\u3057\u3001\u30b5\u30fc\u30d3\u30b9\u59a8\u5bb3\u3084\u30e1\u30e2\u30ea\u7834\u58ca\u3092\u5f15\u304d\u8d77\u3053\u3059\u53ef\u80fd\u6027\u304c\u2026\nCVE-2026-10646 CVSS 7.4 | HIGH", "creation_timestamp": "2026-06-28T06:57:36.208420Z"} 2026-06-28T06:57:36.208420+00:00 https://vulnerability.circl.lu/sighting/28033294-6171-4c25-bed0-2fdcf0a743bd/export 2026-06-29T15:33:35.814242+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "28033294-6171-4c25-bed0-2fdcf0a743bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10646", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpddktd5em27", "content": "CVE-2026-10646 - Use-after-return in `zsock_getaddrinfo()` when a timed-out DNS query is retried without cancellation\nCVE ID : CVE-2026-10646\n \n Published : June 28, 2026, 4:04 a.m. | 1\u00a0hour, 41\u00a0minutes ago\n \n Description : Zephyr's BSD-sockets getaddrinfo() implementation (su...", "creation_timestamp": "2026-06-28T06:23:34.113505Z"} 2026-06-28T06:23:34.113505+00:00 https://vulnerability.circl.lu/sighting/c09c1629-69f6-411c-8c72-f4637630d0d1/export 2026-06-29T15:33:35.814347+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "c09c1629-69f6-411c-8c72-f4637630d0d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10646", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mpdcbiet3q2v", "content": "Zephyr (4.0.0 \u2013 4.4.0) faces a HIGH severity use-after-free vuln (CVE-2026-10646). Attackers can trigger crashes via spoofed DNS replies. Patch pending \u2014 review exposure now. https://radar.offseq.com/threat/cve-2026-10646-use-after-free-in-zephyrproject-zep-22335ff5e2d4e43d #OffSeq #Zephyr #Vuln", "creation_timestamp": "2026-06-28T06:00:28.295415Z"} 2026-06-28T06:00:28.295415+00:00