https://vulnerability.circl.lu/sightings/feed 2026-06-06T17:07:22.357047+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/f7d1dc33-4584-4280-bff4-292c5ced6a24/export 2026-06-06T17:07:22.381934+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "f7d1dc33-4584-4280-bff4-292c5ced6a24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42994", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mkrha6jb7626", "content": "Bitwarden CLI v2026.4.0 (npm, Apr 2026) faces HIGH severity OS Command Injection (CVSS 8.8). Supply chain compromise \u2014 avoid this version & check your installs. No patch yet. https://radar.offseq.com/threat/cve-2026-42994-cwe-78-improper-neutralization-of-s-70529260 #OffSeq #Bitwarden #Vuln", "creation_timestamp": "2026-05-01T06:00:30.455444Z"} 2026-05-01T06:00:30.455444+00:00 https://vulnerability.circl.lu/sighting/ee6134a8-8c13-4c61-a1b2-445bee2e044e/export 2026-06-06T17:07:22.381810+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "ee6134a8-8c13-4c61-a1b2-445bee2e044e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42994", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mkrjfrmfue2n", "content": "CVE-2026-42994 - Bitwarden CLI Malicious Code Injection\nCVE ID : CVE-2026-42994\n \n Published : May 1, 2026, 5:16 a.m. | 1\u00a0hour, 2\u00a0minutes ago\n \n Description : Bitwarden CLI 2026.4.0 from 2026-04-22T21:57Z to 2026-04-22T23:30Z, when obtained from npm, had embedded malicious cod...", "creation_timestamp": "2026-05-01T06:39:25.181462Z"} 2026-05-01T06:39:25.181462+00:00 https://vulnerability.circl.lu/sighting/bf0ecf88-a479-468a-9250-1472d703c3c1/export 2026-06-06T17:07:22.381683+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "bf0ecf88-a479-468a-9250-1472d703c3c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42996", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mkrpf7bg2x2c", "content": "CVE-2026-42996 - JS8Call APRSIS Client Stack-Based Buffer Overflow\nCVE ID : CVE-2026-42996\n \n Published : May 1, 2026, 7:15 a.m. | 1\u00a0hour, 3\u00a0minutes ago\n \n Description : JS8Call through 2.3.1 and JS8Call-improved before 3.0 have a stack-based buffer overflow via a radio transm...", "creation_timestamp": "2026-05-01T08:26:28.975166Z"} 2026-05-01T08:26:28.975166+00:00 https://vulnerability.circl.lu/sighting/c2e0bd65-89f6-455a-94c9-c954a2c537b9/export 2026-06-06T17:07:22.381563+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "c2e0bd65-89f6-455a-94c9-c954a2c537b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42997", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ml4ratvmfr2j", "content": "[OSSA-2026-010] Ironic: Credential Forwarding to Arbitrary Endpoints via iDrac Configuration Molds Feature (CVE-2026-42997)", "creation_timestamp": "2026-05-05T17:59:08.492181Z"} 2026-05-05T17:59:08.492181+00:00 https://vulnerability.circl.lu/sighting/b99d21d6-2bd7-430d-ae04-3a92596b41ee/export 2026-06-06T17:07:22.381437+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "b99d21d6-2bd7-430d-ae04-3a92596b41ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42997", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3ml4vnfpglw2w", "content": "\ud83d\udfe0 CVE-2026-42997 - High (7.7)\n\nAn issue was discovered in idrac in OpenStack Ironic before 35.0.1. During import, a user invokin...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42997/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-05T19:17:45.326688Z"} 2026-05-05T19:17:45.326688+00:00 https://vulnerability.circl.lu/sighting/f1145137-54e8-482b-a6ad-033b4b4c9edb/export 2026-06-06T17:07:22.381313+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "f1145137-54e8-482b-a6ad-033b4b4c9edb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42997", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml4zyjhzgt2i", "content": "CVE-2026-42997 - Dell Idrac Authorization Credential Exposure\nCVE ID : CVE-2026-42997\n \n Published : May 5, 2026, 7:16 p.m. | 1\u00a0hour, 5\u00a0minutes ago\n \n Description : An issue was discovered in idrac in OpenStack Ironic before 35.0.1. During import, a user invoking molds can req...", "creation_timestamp": "2026-05-05T20:35:31.113021Z"} 2026-05-05T20:35:31.113021+00:00 https://vulnerability.circl.lu/sighting/df451601-8996-4b8e-887f-39ead1b7953f/export 2026-06-06T17:07:22.381191+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "df451601-8996-4b8e-887f-39ead1b7953f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42999", "type": "seen", "source": "https://bsky.app/profile/jssfr.zombofant.net.ap.brid.gy/post/3mmwfswfjiez2", "content": "If you are running OpenStack, CVE-2026-42999 and others just dropped: https://bugs.launchpad.net/keystone/+bug/2148398\n\nThis one is really nasty and you'll want to patch ASAP.", "creation_timestamp": "2026-05-28T16:08:57.150231Z"} 2026-05-28T16:08:57.150231+00:00 https://vulnerability.circl.lu/sighting/ed056471-6f29-44b7-b416-6c6165c9d79d/export 2026-06-06T17:07:22.381057+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "ed056471-6f29-44b7-b416-6c6165c9d79d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42999", "type": "seen", "source": "https://bsky.app/profile/jssfr.zombofant.net.ap.brid.gy/post/3mmwftqupgjt2", "content": "If you are running OpenStack, CVE-2026-42999 and others just dropped: https://bugs.launchpad.net/keystone/+bug/2148398\n\nThis one is really nasty and you'll want to patch ASAP.\n\n#OpenStack #Security", "creation_timestamp": "2026-05-28T16:09:26.833716Z"} 2026-05-28T16:09:26.833716+00:00 https://vulnerability.circl.lu/sighting/95cc5d04-2ca5-4a07-8333-887852b00852/export 2026-06-06T17:07:22.380890+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "95cc5d04-2ca5-4a07-8333-887852b00852", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42998", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mmwwsrnh6g2z", "content": "[OSSA-2026-015] OpenStack Keystone: Multiple credential delegation and authorization bypass vulnerabilities (CVE-2026-42998, CVE-2026-42999, CVE-2026-43000, CVE-2026-43001, CVE-2026-44394)", "creation_timestamp": "2026-05-28T21:13:01.990403Z"} 2026-05-28T21:13:01.990403+00:00 https://vulnerability.circl.lu/sighting/85aa5064-41d7-4de5-b5e1-0206b7273723/export 2026-06-06T17:07:22.378906+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "85aa5064-41d7-4de5-b5e1-0206b7273723", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42999", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mmwwsrnh6g2z", "content": "[OSSA-2026-015] OpenStack Keystone: Multiple credential delegation and authorization bypass vulnerabilities (CVE-2026-42998, CVE-2026-42999, CVE-2026-43000, CVE-2026-43001, CVE-2026-44394)", "creation_timestamp": "2026-05-28T21:13:02.141112Z"} 2026-05-28T21:13:02.141112+00:00