https://vulnerability.circl.lu/sightings/feed 2026-06-02T11:35:58.240276+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/a2432f4f-ce06-4454-9be7-0ad2ddfa54c9/export 2026-06-02T11:35:58.589888+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "a2432f4f-ce06-4454-9be7-0ad2ddfa54c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4640", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mhrtk7qoca2a", "content": "", "creation_timestamp": "2026-03-24T05:25:17.440512Z"} 2026-03-24T05:25:17.440512+00:00 https://vulnerability.circl.lu/sighting/bc4cfb1b-aac3-46c9-8a97-1d71862b9f63/export 2026-06-02T11:35:58.589798+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "bc4cfb1b-aac3-46c9-8a97-1d71862b9f63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4640", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mhrywm3tqo2g", "content": "", "creation_timestamp": "2026-03-24T07:01:41.096098Z"} 2026-03-24T07:01:41.096098+00:00 https://vulnerability.circl.lu/sighting/d5846f50-293d-40b1-850d-6e1d5f349f70/export 2026-06-02T11:35:58.589683+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "d5846f50-293d-40b1-850d-6e1d5f349f70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46408", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlxz3olh6h2z", "content": "\ud83d\udfe0 CVE-2026-46408 - High (7.6)\n\nVvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce s...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-46408/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-16T14:02:22.153896Z"} 2026-05-16T14:02:22.153896+00:00 https://vulnerability.circl.lu/sighting/015b3d70-5a08-4296-950c-4279212f9e54/export 2026-06-02T11:35:58.588754+00:00 Joseph Lee https://vulnerability.circl.lu/user/syspect {"uuid": "015b3d70-5a08-4296-950c-4279212f9e54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-46403", "type": "published-proof-of-concept", "source": "https://github.com/klever-io/klever-go/security/advisories/GHSA-jc6w-wmfc-fh33", "content": "", "creation_timestamp": "2026-05-19T10:00:26.000000Z"} 2026-05-19T10:00:26+00:00 https://vulnerability.circl.lu/sighting/e0c4d3dc-4a18-449a-bd56-23d37fecc4f2/export 2026-06-02T11:35:58.588665+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "e0c4d3dc-4a18-449a-bd56-23d37fecc4f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46402", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmumods67b2r", "content": "CVE-2026-46402 - Microsoft UFO uses untrusted task_name in log paths, allowing authenticated path traversal and log file creation outside the logs directory\nCVE ID : CVE-2026-46402\n \n Published : May 27, 2026, 9:54 p.m. | 38\u00a0minutes ago\n \n Description : Microsoft UFO open-sour...", "creation_timestamp": "2026-05-27T23:06:16.309837Z"} 2026-05-27T23:06:16.309837+00:00 https://vulnerability.circl.lu/sighting/7e89e59f-b716-4139-8fdb-93a66c92e173/export 2026-06-02T11:35:58.588567+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "7e89e59f-b716-4139-8fdb-93a66c92e173", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46402", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mmuyanmsf327", "content": "Microsoft UFO 3.0.1-4-ge2626659\u3067\u306f\u3001\u8a8d\u8a3c\u6e08\u307f\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u304ctask_name\u306b\u30d1\u30b9\u30fb\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u30fb\u30b7\u30fc\u30b1\u30f3\u30b9\u3092\u4ed5\u8fbc\u307f\u3001\u610f\u56f3\u3057\u306a\u3044\u5834\u6240\u3078\u306e\u30ed\u30b0\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u30fb\u30d5\u30a1\u30a4\u30eb\u4f5c\u6210\u2026\nCVE-2026-46402 CVSS 8.1 | HIGH", "creation_timestamp": "2026-05-28T02:33:22.415960Z"} 2026-05-28T02:33:22.415960+00:00 https://vulnerability.circl.lu/sighting/d20c1810-af2c-44f4-9e49-8ddf69abf79c/export 2026-06-02T11:35:58.588437+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "d20c1810-af2c-44f4-9e49-8ddf69abf79c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46402", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116650673866596517", "content": "\u26a0\ufe0f HIGH severity: Microsoft UFO 3.0.1-4-ge2626659 has a path traversal vuln (CVE-2026-46402). Authenticated users can write files outside logs/. No patch yet \u2014 restrict access & monitor input. https://radar.offseq.com/threat/cve-2026-46402-cwe-22-improper-limitation-of-a-pat-6437f7ab #OffSeq #Microsoft #PathTraversal #CVE202646402", "creation_timestamp": "2026-05-28T06:00:29.290083Z"} 2026-05-28T06:00:29.290083+00:00 https://vulnerability.circl.lu/sighting/42eab82b-0471-4295-8f67-e16f039aa432/export 2026-06-02T11:35:58.586825+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "42eab82b-0471-4295-8f67-e16f039aa432", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46402", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mmvdsz2lzi2p", "content": "Microsoft UFO 3.0.1-4-ge2626659: HIGH severity path traversal lets authenticated users create files beyond logs/. No patch \u2014 restrict access & monitor inputs. https://radar.offseq.com/threat/cve-2026-46402-cwe-22-improper-limitation-of-a-pat-6437f7ab #OffSeq #Microsoft #Vulnerability", "creation_timestamp": "2026-05-28T06:00:30.480810Z"} 2026-05-28T06:00:30.480810+00:00