<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-08T19:07:02.213808+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/fb66ab41-8a3a-4093-824a-99b5801253f2/export</id>
    <title>fb66ab41-8a3a-4093-824a-99b5801253f2</title>
    <updated>2026-07-08T19:07:02.234339+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "fb66ab41-8a3a-4093-824a-99b5801253f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41042", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq5jrsw37s22", "content": "CVE-2026-41042\nApache Gravitino, a Java-based tool, has a security issue when using H2 databases for testing. An attacker can execute malicious code on the server if they know the server is using H2. To fix this, update to\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-08T16:24:04.328773Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/fb66ab41-8a3a-4093-824a-99b5801253f2/export"/>
    <published>2026-07-08T16:24:04.328773+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/aa03509f-f563-44cc-9c82-eb8735ba8695/export</id>
    <title>aa03509f-f563-44cc-9c82-eb8735ba8695</title>
    <updated>2026-07-08T19:07:02.236478+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "aa03509f-f563-44cc-9c82-eb8735ba8695", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41042", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mq5jlooecl2f", "content": "CVE-2026-41042: Apache Gravitino: Unauthenticated callers can supply a malicious H2 JDBC URL through the testConnection API, which executes arbitrary Java code on the server via H2's INIT parameter", "creation_timestamp": "2026-07-08T16:20:38.680935Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/aa03509f-f563-44cc-9c82-eb8735ba8695/export"/>
    <published>2026-07-08T16:20:38.680935+00:00</published>
  </entry>
</feed>
