https://vulnerability.circl.lu/sightings/feed 2026-06-08T01:56:12.493773+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/0bdf1c1a-7ec4-4d07-8521-e2f2a3d38358/export 2026-06-08T01:56:12.515323+00:00 Joseph Lee https://vulnerability.circl.lu/user/syspect {"uuid": "0bdf1c1a-7ec4-4d07-8521-e2f2a3d38358", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-45347", "type": "published-proof-of-concept", "source": "https://github.com/open-webui/open-webui/security/advisories/GHSA-f776-fp4w-266c", "content": "", "creation_timestamp": "2026-05-09T22:47:27.000000Z"} 2026-05-09T22:47:27+00:00 https://vulnerability.circl.lu/sighting/d2b3a2d7-dacc-415f-96d5-e8e8b139e397/export 2026-06-08T01:56:12.515247+00:00 Joseph Lee https://vulnerability.circl.lu/user/syspect {"uuid": "d2b3a2d7-dacc-415f-96d5-e8e8b139e397", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-45348", "type": "published-proof-of-concept", "source": "https://github.com/pyload/pyload/security/advisories/GHSA-fcjq-435v-jx94", "content": "", "creation_timestamp": "2026-05-09T23:21:22.000000Z"} 2026-05-09T23:21:22+00:00 https://vulnerability.circl.lu/sighting/fc389890-1d6c-4806-9e66-6493c0a8bb07/export 2026-06-08T01:56:12.514240+00:00 Joseph Lee https://vulnerability.circl.lu/user/syspect {"uuid": "fc389890-1d6c-4806-9e66-6493c0a8bb07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-45349", "type": "published-proof-of-concept", "source": "https://github.com/advisories/GHSA-gfm2-xm6c-37qc", "content": "", "creation_timestamp": "2026-05-14T20:24:35.000000Z"} 2026-05-14T20:24:35+00:00 https://vulnerability.circl.lu/sighting/9e62b36d-818b-4a16-b4ac-81c727e589ab/export 2026-06-08T01:56:12.514176+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "9e62b36d-818b-4a16-b4ac-81c727e589ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45347", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlwmx6fwfz2t", "content": "CVE-2026-45347 - Open WebUI: Blind server side request forgery (SSRF) via the PDF generate function\nCVE ID : CVE-2026-45347\n \n Published : May 15, 2026, 10:16 p.m. | 1\u00a0hour, 19\u00a0minutes ago\n \n Description : Open WebUI is a self-hosted artificial intelligence platform designed t...", "creation_timestamp": "2026-05-16T00:51:20.782482Z"} 2026-05-16T00:51:20.782482+00:00 https://vulnerability.circl.lu/sighting/131a7ed7-c55c-42af-8133-d7b79480c6e7/export 2026-06-08T01:56:12.514112+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "131a7ed7-c55c-42af-8133-d7b79480c6e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45345", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlwocnrknq2e", "content": "CVE-2026-45345 - Open WebUI: Missing authorization check at the model update function - models from other users can be updated\nCVE ID : CVE-2026-45345\n \n Published : May 15, 2026, 10:16 p.m. | 1\u00a0hour, 19\u00a0minutes ago\n \n Description : Open WebUI is a self-hosted artificial intel...", "creation_timestamp": "2026-05-16T01:15:40.211723Z"} 2026-05-16T01:15:40.211723+00:00 https://vulnerability.circl.lu/sighting/ba9f1ca0-1b9b-4831-b138-9652348b673c/export 2026-06-08T01:56:12.514046+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "ba9f1ca0-1b9b-4831-b138-9652348b673c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45348", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmwpgw3uve2g", "content": "\ud83d\udfe0 CVE-2026-45348 - High (8.7)\n\npyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-45348/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-28T19:01:08.731038Z"} 2026-05-28T19:01:08.731038+00:00 https://vulnerability.circl.lu/sighting/438e7a0e-cedb-4426-bd26-4065fed9ceba/export 2026-06-08T01:56:12.513978+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "438e7a0e-cedb-4426-bd26-4065fed9ceba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45348", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmws476nob2e", "content": "CVE-2026-45348 - pyLoad: Stored XSS in Downloads view via unsanitized link URL in packages.js template literal\nCVE ID : CVE-2026-45348\n \n Published : May 28, 2026, 6:16 p.m. | 54\u00a0minutes ago\n \n Description : pyLoad is a free and open-source download manager written in Python. ...", "creation_timestamp": "2026-05-28T19:48:49.498899Z"} 2026-05-28T19:48:49.498899+00:00 https://vulnerability.circl.lu/sighting/c2d3a920-29f4-44c8-a47f-aaaa14bf37e0/export 2026-06-08T01:56:12.513905+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "c2d3a920-29f4-44c8-a47f-aaaa14bf37e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45344", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmx4tgkkqy2w", "content": "\ud83d\udfe0 CVE-2026-45344 - High (8.1)\n\nLinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, the setup database con...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-45344/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-28T23:00:47.255042Z"} 2026-05-28T23:00:47.255042+00:00 https://vulnerability.circl.lu/sighting/ab14d989-560a-4ea4-8b3f-8c12dc6192d3/export 2026-06-08T01:56:12.513811+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "ab14d989-560a-4ea4-8b3f-8c12dc6192d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45343", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmx7k4dw572k", "content": "CVE-2026-45343 - LinkAce - Stored XSS via Unsanitized SSO User's Name Rendered in Admin Audit Log Allows Session Hijacking\nCVE ID : CVE-2026-45343\n \n Published : May 28, 2026, 10:17 p.m. | 53\u00a0minutes ago\n \n Description : LinkAce is a self-hosted archive to collect website link...", "creation_timestamp": "2026-05-28T23:49:15.116998Z"} 2026-05-28T23:49:15.116998+00:00 https://vulnerability.circl.lu/sighting/9a1ed8af-cff1-407e-98db-1f09901f8023/export 2026-06-08T01:56:12.512107+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "9a1ed8af-cff1-407e-98db-1f09901f8023", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45344", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmxavr27ul2k", "content": "CVE-2026-45344 - LinkAce: Setup database password newline injection enables pre-auth RCE on uninitialized instances\nCVE ID : CVE-2026-45344\n \n Published : May 28, 2026, 10:17 p.m. | 53\u00a0minutes ago\n \n Description : LinkAce is a self-hosted archive to collect website links. Prio...", "creation_timestamp": "2026-05-29T00:13:39.609867Z"} 2026-05-29T00:13:39.609867+00:00