https://vulnerability.circl.lu/sightings/feed 2026-06-20T03:44:09.982639+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/4c0d7531-9973-44ad-b2f8-a30cf6e5303e/export 2026-06-20T03:44:10.028374+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "4c0d7531-9973-44ad-b2f8-a30cf6e5303e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40038", "type": "seen", "source": "Telegram/c7uZKOPwVy2hcS0GAJgtvZD1v9y_KI-NyzhYNMP5jQugHxE", "content": "", "creation_timestamp": "2026-04-13T21:22:40.000000Z"} 2026-04-13T21:22:40+00:00 https://vulnerability.circl.lu/sighting/94b9b624-5226-4ae0-868d-e44a3df9c9b5/export 2026-06-20T03:44:10.028245+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "94b9b624-5226-4ae0-868d-e44a3df9c9b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40038", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mjftjnb6xb2c", "content": "", "creation_timestamp": "2026-04-13T21:43:24.176312Z"} 2026-04-13T21:43:24.176312+00:00 https://vulnerability.circl.lu/sighting/47133087-3300-48d2-a625-6ae0e9137152/export 2026-06-20T03:44:10.028112+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "47133087-3300-48d2-a625-6ae0e9137152", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40035", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mjpfxd3k7d2p", "content": "", "creation_timestamp": "2026-04-17T17:07:08.839706Z"} 2026-04-17T17:07:08.839706+00:00 https://vulnerability.circl.lu/sighting/624a1c15-8e31-4422-b5c6-6b3c4ac237e6/export 2026-06-20T03:44:10.027964+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "624a1c15-8e31-4422-b5c6-6b3c4ac237e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40036", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mjquvdoayg2l", "content": "", "creation_timestamp": "2026-04-18T07:07:08.068372Z"} 2026-04-18T07:07:08.068372+00:00 https://vulnerability.circl.lu/sighting/3567bedc-bd98-432e-83cf-4fccb88065a2/export 2026-06-20T03:44:10.027804+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "3567bedc-bd98-432e-83cf-4fccb88065a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40031", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mjv7zs7lks2w", "content": "", "creation_timestamp": "2026-04-20T00:37:07.120633Z"} 2026-04-20T00:37:07.120633+00:00 https://vulnerability.circl.lu/sighting/f437464f-be6c-4ec0-b0bd-136e597ad75a/export 2026-06-20T03:44:10.027664+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "f437464f-be6c-4ec0-b0bd-136e597ad75a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40033", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmrawudrnk2q", "content": "CVE-2026-40033 - FreeRDP - Heap-buffer-overflow in gdi_CacheToSurface via rectangle validation bypass\nCVE ID : CVE-2026-40033\n \n Published : May 26, 2026, 2:08 p.m. | 23\u00a0minutes ago\n \n Description : FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdi_Cac...", "creation_timestamp": "2026-05-26T14:58:18.310360Z"} 2026-05-26T14:58:18.310360+00:00 https://vulnerability.circl.lu/sighting/f5834061-1a18-4338-9a9a-ec17789f1a4b/export 2026-06-20T03:44:10.027520+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "f5834061-1a18-4338-9a9a-ec17789f1a4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40034", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmrbjkcv452o", "content": "CVE-2026-40034 - gitoxide - Command Injection via Partial .gitmodules Override in gix-submodule\nCVE ID : CVE-2026-40034\n \n Published : May 26, 2026, 2:08 p.m. | 23\u00a0minutes ago\n \n Description : gix-submodule before 0.82.0 incorrectly validates the update field in .gitmodules, a...", "creation_timestamp": "2026-05-26T15:08:44.967868Z"} 2026-05-26T15:08:44.967868+00:00 https://vulnerability.circl.lu/sighting/14881105-4576-481c-9d5d-3f9a923f23ea/export 2026-06-20T03:44:10.027372+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "14881105-4576-481c-9d5d-3f9a923f23ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40033", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mmtym4x6z52p", "content": "\ud83d\udccc CVE-2026-40033 - FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdi_CacheToSurface that allows remote attackers to write out-of-bounds heap mem... https://www.cyberhub.blog/cves/CVE-2026-40033", "creation_timestamp": "2026-05-27T17:07:07.845443Z"} 2026-05-27T17:07:07.845443+00:00 https://vulnerability.circl.lu/sighting/b8169649-4bd6-4d0f-a917-125afaedcbe2/export 2026-06-20T03:44:10.027173+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "b8169649-4bd6-4d0f-a917-125afaedcbe2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40033", "type": "seen", "source": "https://t.me/bdufstecru/3206", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 gdi_CacheToSurface() RDP-\u043a\u043b\u0438\u0435\u043d\u0442\u0430 FreeRDP \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 RDPGFX-\u043f\u0430\u043a\u0435\u0442\u043e\u0432\n\nBDU:2026-07426\nCVE-2026-40033\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://github.com/FreeRDP/FreeRDP/commit/23b36cd00ebf0ccd97750fcdbc9aa2f362352da7", "creation_timestamp": "2026-05-29T13:15:00.000000Z"} 2026-05-29T13:15:00+00:00 https://vulnerability.circl.lu/sighting/c04bebcb-c5ba-4b5b-83c0-2e18fad138a3/export 2026-06-20T03:44:10.024913+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "c04bebcb-c5ba-4b5b-83c0-2e18fad138a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40030", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mohxl5tlqg2z", "content": "\ud83d\udccc CVE-2026-40030 - parseusbs before 1.9 contains an OS command injection vulnerability where the volume listing path argument (-v flag) is passed unsanitized into an os.... https://www.cyberhub.blog/cves/CVE-2026-40030", "creation_timestamp": "2026-06-17T09:07:07.522106Z"} 2026-06-17T09:07:07.522106+00:00