Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-05-31T14:49:54.421046+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/f0823dcd-7da6-4d47-be78-500e699bf028/export f0823dcd-7da6-4d47-be78-500e699bf028 2026-05-31T14:49:54.441953+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "f0823dcd-7da6-4d47-be78-500e699bf028", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42884", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlm7rfjkcy2r", "content": "CVE-2026-42884 - Audiobookshelf: Collection endpoints bypass library access controls exposing restricted library data\nCVE ID : CVE-2026-42884\n \n Published : May 11, 2026, 8:25 p.m. | 5\u00a0minutes ago\n \n Description : Audiobookshelf is a self-hosted audiobook and podcast server. P...", "creation_timestamp": "2026-05-11T21:28:50.676128Z"} 2026-05-11T21:28:50.676128+00:00 https://vulnerability.circl.lu/sighting/cb773c43-0194-4af1-a3df-71d74a25547a/export cb773c43-0194-4af1-a3df-71d74a25547a 2026-05-31T14:49:54.441873+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "cb773c43-0194-4af1-a3df-71d74a25547a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42886", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlmace2y6u2o", "content": "CVE-2026-42886 - Audiobookshelf: Memory amplification DoS via oversized compressed details entry in backup upload\nCVE ID : CVE-2026-42886\n \n Published : May 11, 2026, 8:25 p.m. | 5\u00a0minutes ago\n \n Description : Audiobookshelf is a self-hosted audiobook and podcast server. Prior...", "creation_timestamp": "2026-05-11T21:38:19.590311Z"} 2026-05-11T21:38:19.590311+00:00 https://vulnerability.circl.lu/sighting/4ec2995b-11f8-43e6-a547-3edd6bc50353/export 4ec2995b-11f8-43e6-a547-3edd6bc50353 2026-05-31T14:49:54.441794+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "4ec2995b-11f8-43e6-a547-3edd6bc50353", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42882", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlmakxtgsm2p", "content": "CVE-2026-42882 - oxyno-zeta/s3-proxy: Security Issues in Resource Path Matching\nCVE ID : CVE-2026-42882\n \n Published : May 11, 2026, 8:25 p.m. | 5\u00a0minutes ago\n \n Description : oxyno-zeta/s3-proxy is an aws s3 proxy written in go. Prior to 5.0.0, s3-proxy contains an authentica...", "creation_timestamp": "2026-05-11T21:43:08.689637Z"} 2026-05-11T21:43:08.689637+00:00 https://vulnerability.circl.lu/sighting/904f553b-3f25-42b5-bcad-519ccd936793/export 904f553b-3f25-42b5-bcad-519ccd936793 2026-05-31T14:49:54.441719+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "904f553b-3f25-42b5-bcad-519ccd936793", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42882", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mln4edlx4r2m", "content": "CRITICAL: oxyno-zeta s3-proxy (<5.0.0) path traversal bug lets attackers bypass auth and access S3 objects. Upgrade to 5.0.0+ immediately! https://radar.offseq.com/threat/cve-2026-42882-cwe-22-improper-limitation-of-a-pat-5be1c7df #OffSeq #CVE202642882 #CloudSecurity", "creation_timestamp": "2026-05-12T06:00:34.339848Z"} 2026-05-12T06:00:34.339848+00:00 https://vulnerability.circl.lu/sighting/060f81cb-4464-4127-8f3c-e9b3424fcd4a/export 060f81cb-4464-4127-8f3c-e9b3424fcd4a 2026-05-31T14:49:54.441640+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "060f81cb-4464-4127-8f3c-e9b3424fcd4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42882", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116560077036026924", "content": "\ud83d\udea8 CVE-2026-42882 (CRITICAL): oxyno-zeta s3-proxy <5.0.0 has a path traversal bug, letting unauthenticated attackers bypass auth to access or modify protected S3 objects. Patch to v5.0.0 now! https://radar.offseq.com/threat/cve-2026-42882-cwe-22-improper-limitation-of-a-pat-5be1c7df #OffSeq #CVE202642882 #CloudSecurity #Vuln", "creation_timestamp": "2026-05-12T06:00:37.052096Z"} 2026-05-12T06:00:37.052096+00:00 https://vulnerability.circl.lu/sighting/203d8192-92bf-49db-9cec-7b6da8aac9cf/export 203d8192-92bf-49db-9cec-7b6da8aac9cf 2026-05-31T14:49:54.441548+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "203d8192-92bf-49db-9cec-7b6da8aac9cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42882", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mln4p754fi2t", "content": "\ud83d\udd34 CVE-2026-42882 - Critical (9.4)\n\noxyno-zeta/s3-proxy is an aws s3 proxy written in go. Prior to 5.0.0, s3-proxy contains an authen...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42882/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-12T06:06:36.618355Z"} 2026-05-12T06:06:36.618355+00:00 https://vulnerability.circl.lu/sighting/72737ea6-ba96-48f1-9ca7-2cce931e3f6b/export 72737ea6-ba96-48f1-9ca7-2cce931e3f6b 2026-05-31T14:49:54.441460+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "72737ea6-ba96-48f1-9ca7-2cce931e3f6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42880", "type": "seen", "source": "https://t.me/bdufstecru/3158", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0435\u043a\u043b\u0430\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u043d\u0435\u043f\u0440\u0435\u0440\u044b\u0432\u043d\u043e\u0439 \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 GitOps \u0434\u043b\u044f Kubernetes Argo CD \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c \u043c\u0435\u0436\u0433\u0440\u0430\u043d\u0438\u0447\u043d\u044b\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435\u043c \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e\n\nBDU:2026-06624\nCVE-2026-42880\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://github.com/argoproj/argo-cd/security/advisories/GHSA-3v3m-wc6v-x4x3", "creation_timestamp": "2026-05-13T14:46:52.000000Z"} 2026-05-13T14:46:52+00:00 https://vulnerability.circl.lu/sighting/6b99fb12-8f89-4aec-9da3-b088242db19e/export 6b99fb12-8f89-4aec-9da3-b088242db19e 2026-05-31T14:49:54.441374+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "6b99fb12-8f89-4aec-9da3-b088242db19e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42880", "type": "seen", "source": "https://bsky.app/profile/devops-daily.com/post/3mlvlwg55vz2d", "content": "\ud83d\udcdd Argo CD CVE-2026-42880: When Read-Only Means Read-Everything-Including-Secrets\n\nA critical Argo CD bug (CVSS 9.6, disclosed May 7) lets any authenticated user pull plaintext Kubernetes Secrets out of any Application that has...\n\nRead here: https://devops-daily.com/posts/argocd-cve-2026-42880-s...", "creation_timestamp": "2026-05-15T15:00:22.015511Z"} 2026-05-15T15:00:22.015511+00:00 https://vulnerability.circl.lu/sighting/f35f8766-4d3d-49f2-8e3e-e4457aaafb67/export f35f8766-4d3d-49f2-8e3e-e4457aaafb67 2026-05-31T14:49:54.441236+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "f35f8766-4d3d-49f2-8e3e-e4457aaafb67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42880", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mma6zfqzlk2w", "content": "\u300cArgo CD\u300d\u306b\u6df1\u523b\u306a\u8106\u5f31\u6027 - \u30c8\u30fc\u30af\u30f3\u3084API\u30ad\u30fc\u6f0f\u6d29\u306e\u304a\u305d\u308c\n\n\u300cKubernetes\u300d\u5411\u3051\u306e\u7d99\u7d9a\u7684\u30c7\u30ea\u30d0\u30ea\u30c4\u30fc\u30eb\u300cArgo CD\u300d\u306b\u6df1\u523b\u306a\u8106\u5f31\u6027\u304c\u660e\u3089\u304b\u3068\u306a\u3063\u305f\u3002\n\n\u540c\u30c4\u30fc\u30eb\u306e\u300cServerSideDiff\u300d\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u306b\u304a\u3044\u3066\u3001\u8a8d\u53ef\u51e6\u7406\u3084\u30b7\u30fc\u30af\u30ec\u30c3\u30c8\u60c5\u5831\u306b\u5bfe\u3059\u308b\u30de\u30b9\u30ad\u30f3\u30b0\u51e6\u7406\u306b\u4e0d\u5099\u304c\u5224\u660e\u3057\u305f\u3082\u306e\u3002\u300cCVE-2026-42880\u300d\u304c\u5272\u308a\u5f53\u3066\u3089\u308c\u3066\u3044\u308b\u3002\n\n\u672c\u6765\u30de\u30b9\u30af\u3055\u308c\u308b\u30b5\u30fc\u30d3\u30b9\u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u30c8\u30fc\u30af\u30f3\u3001TLS\u8a3c\u660e\u66f8\u3001\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u8a8d\u8a3c\u60c5\u5831\u3001API\u30ad\u30fc\u306a\u3069\u300cKubernetes\u300d\u306e\u30b7\u30fc\u30af\u30ec\u30c3\u30c8\u3092\u5e73\u6587\u3067\u5fdc\u7b54\u3059\u308b\u305f\u3081\u3001\u6761\u4ef6\u3092\u6e80\u305f\u3059\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3067\u306f\u3001\u9650\u5b9a\u7684\u306a\u8aad\u307f\u53d6\u308a\u6a29\u9650\u306e\u307f\u4e0e\u3048\u3089\u308c...", "creation_timestamp": "2026-05-19T20:08:41.080725Z"} 2026-05-19T20:08:41.080725+00:00 https://vulnerability.circl.lu/sighting/77c97987-cdb1-43c2-9ecf-2a23982b2cfb/export 77c97987-cdb1-43c2-9ecf-2a23982b2cfb 2026-05-31T14:49:54.438662+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "77c97987-cdb1-43c2-9ecf-2a23982b2cfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42880", "type": "seen", "source": "https://t.me/GithubRedTeam/85816", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #POC #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a POC_CVE-2026-42880\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a HAERIN-L\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Shell\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-25 12:04:32\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u65e0\u63cf\u8ff0\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-25T12:05:41.000000Z"} 2026-05-25T12:05:41+00:00