Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-07T07:57:47.139549+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/63815c0c-71ca-429c-b1a0-a5ca63e205b3/export 63815c0c-71ca-429c-b1a0-a5ca63e205b3 2026-06-07T07:57:47.164755+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "63815c0c-71ca-429c-b1a0-a5ca63e205b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41925", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml2jvukepv2v", "content": "CVE-2026-41925 - WDR201A WiFi Extender OS Command Injection via adm.cgi (reboot_time)\nCVE ID : CVE-2026-41925\n \n Published : May 4, 2026, 7:15 p.m. | 1\u00a0hour, 4\u00a0minutes ago\n \n Description : WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection ...", "creation_timestamp": "2026-05-04T20:42:22.817142Z"} 2026-05-04T20:42:22.817142+00:00 https://vulnerability.circl.lu/sighting/5a0243dc-6c01-480e-aba0-2a907c654e32/export 5a0243dc-6c01-480e-aba0-2a907c654e32 2026-06-07T07:57:47.164680+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "5a0243dc-6c01-480e-aba0-2a907c654e32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41924", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml2k5k7ruc2p", "content": "CVE-2026-41924 - WDR201A WiFi Extender OS Command Injection via makeRequest.cgi\nCVE ID : CVE-2026-41924\n \n Published : May 4, 2026, 7:12 p.m. | 1\u00a0hour, 8\u00a0minutes ago\n \n Description : WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulner...", "creation_timestamp": "2026-05-04T20:46:40.509619Z"} 2026-05-04T20:46:40.509619+00:00 https://vulnerability.circl.lu/sighting/2d78f06b-56ef-4a49-a172-f38a504de24e/export 2d78f06b-56ef-4a49-a172-f38a504de24e 2026-06-07T07:57:47.164599+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "2d78f06b-56ef-4a49-a172-f38a504de24e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41926", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml2kyfnef32k", "content": "CVE-2026-41926 - WDR201A WiFi Extender OS Command Injection via firewall.cgi\nCVE ID : CVE-2026-41926\n \n Published : May 4, 2026, 7:17 p.m. | 1\u00a0hour, 2\u00a0minutes ago\n \n Description : WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerabi...", "creation_timestamp": "2026-05-04T21:01:41.808892Z"} 2026-05-04T21:01:41.808892+00:00 https://vulnerability.circl.lu/sighting/ec488d93-9288-411b-9f1f-642c4bd62c7a/export ec488d93-9288-411b-9f1f-642c4bd62c7a 2026-06-07T07:57:47.164502+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "ec488d93-9288-411b-9f1f-642c4bd62c7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41927", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml2qh4cjwc2v", "content": "CVE-2026-41927 - WDR201A WiFi Extender Stack-Based Buffer Overflow via firewall.cgi\nCVE ID : CVE-2026-41927\n \n Published : May 4, 2026, 8:16 p.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains a stack-based buffer over...", "creation_timestamp": "2026-05-04T22:39:23.716239Z"} 2026-05-04T22:39:23.716239+00:00 https://vulnerability.circl.lu/sighting/3f5b3781-e53c-49dc-a4d2-f88b3ee9da90/export 3f5b3781-e53c-49dc-a4d2-f88b3ee9da90 2026-06-07T07:57:47.164412+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "3f5b3781-e53c-49dc-a4d2-f88b3ee9da90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41926", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116519379011969410", "content": "\ud83d\udea8 CVE-2026-41926 (CRITICAL, CVSS 9.3): OS command injection in Shenzhen Yipu WDR201A WiFi Extender allows unauthenticated remote code execution via firewall.cgi. Persistent payloads survive reboots. Restrict access, monitor for fixes. https://radar.offseq.com/threat/cve-2026-41926-improper-neutralization-of-special--58e4d954 #OffSeq #IoTSecurity #CVE", "creation_timestamp": "2026-05-05T01:30:27.966902Z"} 2026-05-05T01:30:27.966902+00:00 https://vulnerability.circl.lu/sighting/a0daaccc-d987-4ce9-bd21-f6a183e838df/export a0daaccc-d987-4ce9-bd21-f6a183e838df 2026-06-07T07:57:47.164307+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "a0daaccc-d987-4ce9-bd21-f6a183e838df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41926", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3ml2zyzafpz23", "content": "Major alert: CRITICAL OS command injection (CVE-2026-41926) in Shenzhen Yipu WDR201A WiFi Extender. Remote attackers can run persistent commands. Restrict firewall.cgi access & monitor for patches. https://radar.offseq.com/threat/cve-2026-41926-improper-neutralization-of-special--58e4d954 #OffSeq...", "creation_timestamp": "2026-05-05T01:30:28.757652Z"} 2026-05-05T01:30:28.757652+00:00 https://vulnerability.circl.lu/sighting/96dd1ed7-634f-4300-b004-131a289f13cb/export 96dd1ed7-634f-4300-b004-131a289f13cb 2026-06-07T07:57:47.164213+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "96dd1ed7-634f-4300-b004-131a289f13cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41924", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116521502604855300", "content": "\ud83d\udea8 CVE-2026-41924 (CRITICAL): OS command injection in WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) enables unauthenticated remote shell command execution. No patch yet \u2014 immediate isolation & monitoring advised. https://radar.offseq.com/threat/cve-2026-41924-improper-neutralization-of-special--62b0b2d6 #OffSeq #Vuln #IoTSecurity", "creation_timestamp": "2026-05-05T10:30:30.381928Z"} 2026-05-05T10:30:30.381928+00:00 https://vulnerability.circl.lu/sighting/18bb34f9-a65e-4d9e-9317-0514dc779240/export 18bb34f9-a65e-4d9e-9317-0514dc779240 2026-06-07T07:57:47.164121+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "18bb34f9-a65e-4d9e-9317-0514dc779240", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41924", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3ml3y6pkxqf2v", "content": "CRITICAL: OS command injection in WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) lets attackers run shell commands remotely. No patch yet \u2014 isolate & monitor now. https://radar.offseq.com/threat/cve-2026-41924-improper-neutralization-of-special--62b0b2d6 #OffSeq #Vulnerability #IoTSecurity", "creation_timestamp": "2026-05-05T10:30:32.221147Z"} 2026-05-05T10:30:32.221147+00:00 https://vulnerability.circl.lu/sighting/7b666405-51cc-42eb-86b2-f31f113397c2/export 7b666405-51cc-42eb-86b2-f31f113397c2 2026-06-07T07:57:47.164008+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "7b666405-51cc-42eb-86b2-f31f113397c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41929", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlcjubv62j2n", "content": "CVE-2026-41929 - Vvveb\nCVE ID : CVE-2026-41929\n \n Published : May 7, 2026, 10:16 p.m. | 2\u00a0hours, 9\u00a0minutes ago\n \n Description : Vvveb before 1.0.8.2 contains an unauthenticated reflected cross-site scripting vulnerability in the visual editor preview renderer that allows attac...", "creation_timestamp": "2026-05-08T01:02:47.440682Z"} 2026-05-08T01:02:47.440682+00:00 https://vulnerability.circl.lu/sighting/f9b1b857-7ed1-4086-8456-26a192a20b6b/export f9b1b857-7ed1-4086-8456-26a192a20b6b 2026-06-07T07:57:47.161494+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "f9b1b857-7ed1-4086-8456-26a192a20b6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41928", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlcjygcf5y2k", "content": "CVE-2026-41928 - Vvveb\nCVE ID : CVE-2026-41928\n \n Published : May 7, 2026, 10:16 p.m. | 2\u00a0hours, 9\u00a0minutes ago\n \n Description : Vvveb before 1.0.8.2 contains an information disclosure vulnerability in the cron controller that allows unauthenticated attackers to retrieve the ap...", "creation_timestamp": "2026-05-08T01:05:06.555922Z"} 2026-05-08T01:05:06.555922+00:00