Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-07T01:55:55.600669+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/05de6646-216f-440b-8eb5-2df952a80073/export 05de6646-216f-440b-8eb5-2df952a80073 2026-06-07T01:55:55.610078+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "05de6646-216f-440b-8eb5-2df952a80073", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48150", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmu6xgnpmn2g", "content": "\ud83d\udd34 CVE-2026-48150 - Critical (9)\n\nBudibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/roles/assign is gua...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-48150/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-27T19:00:49.763812Z"} 2026-05-27T19:00:49.763812+00:00 https://vulnerability.circl.lu/sighting/3edbcd71-7f7f-468f-8f81-2e0c2dd897fe/export 3edbcd71-7f7f-468f-8f81-2e0c2dd897fe 2026-06-07T01:55:55.609998+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "3edbcd71-7f7f-468f-8f81-2e0c2dd897fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48151", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmu6xo2nd72w", "content": "\ud83d\udfe0 CVE-2026-48151 - High (7.5)\n\nBudibase is an open-source low-code platform. Prior to 3.39.0, the webhook schema-building endpoi...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-48151/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-27T19:00:57.853480Z"} 2026-05-27T19:00:57.853480+00:00 https://vulnerability.circl.lu/sighting/782797e0-d82b-4bf1-917e-566f3f530a4b/export 782797e0-d82b-4bf1-917e-566f3f530a4b 2026-06-07T01:55:55.609914+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "782797e0-d82b-4bf1-917e-566f3f530a4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48152", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmu6zccumf2t", "content": "\ud83d\udfe0 CVE-2026-48152 - High (8.1)\n\nBudibase is an open-source low-code platform. Prior to 3.39.0, the single-datasource GET and PUT ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-48152/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-27T19:01:52.704159Z"} 2026-05-27T19:01:52.704159+00:00 https://vulnerability.circl.lu/sighting/6016099d-a5f5-44dd-b98c-4877f6615368/export 6016099d-a5f5-44dd-b98c-4877f6615368 2026-06-07T01:55:55.609827+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "6016099d-a5f5-44dd-b98c-4877f6615368", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48153", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmu6zk2b2p2w", "content": "\ud83d\udfe0 CVE-2026-48153 - High (8.5)\n\nBudibase is an open-source low-code platform. Prior to 3.39.0, fetchToken in the OAuth2 SDK makes...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-48153/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-27T19:02:00.807109Z"} 2026-05-27T19:02:00.807109+00:00 https://vulnerability.circl.lu/sighting/863de294-d623-49e3-851e-660588a3e24c/export 863de294-d623-49e3-851e-660588a3e24c 2026-06-07T01:55:55.609744+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "863de294-d623-49e3-851e-660588a3e24c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48151", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmu7tb6enp2i", "content": "CVE-2026-48151 - Budibase: Webhook schema endpoint authorization bypass allows unauthenticated mutation of webhook and automation schema\nCVE ID : CVE-2026-48151\n \n Published : May 27, 2026, 6:16 p.m. | 15\u00a0minutes ago\n \n Description : Budibase is an open-source low-code platfor...", "creation_timestamp": "2026-05-27T19:16:22.884879Z"} 2026-05-27T19:16:22.884879+00:00 https://vulnerability.circl.lu/sighting/3f897a48-b2a6-481d-98aa-53d668026cf6/export 3f897a48-b2a6-481d-98aa-53d668026cf6 2026-06-07T01:55:55.609661+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "3f897a48-b2a6-481d-98aa-53d668026cf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48150", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmubhvu6d72c", "content": "CVE-2026-48150 - Budibase: Workspace-scoped builder escalates to global admin via /api/public/v1/roles/assign\nCVE ID : CVE-2026-48150\n \n Published : May 27, 2026, 6:16 p.m. | 15\u00a0minutes ago\n \n Description : Budibase is an open-source low-code platform. Prior to 3.39.0, /api/pu...", "creation_timestamp": "2026-05-27T19:45:49.346964Z"} 2026-05-27T19:45:49.346964+00:00 https://vulnerability.circl.lu/sighting/e667063c-d0a1-4530-a52b-3da9980e331f/export e667063c-d0a1-4530-a52b-3da9980e331f 2026-06-07T01:55:55.609577+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "e667063c-d0a1-4530-a52b-3da9980e331f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48153", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmucdcb5kf2p", "content": "CVE-2026-48153 - Budibase: SSRF via OAuth2 token endpoint URL reaches internal hosts and cloud metadata\nCVE ID : CVE-2026-48153\n \n Published : May 27, 2026, 6:16 p.m. | 15\u00a0minutes ago\n \n Description : Budibase is an open-source low-code platform. Prior to 3.39.0, fetchToken in...", "creation_timestamp": "2026-05-27T20:01:08.329369Z"} 2026-05-27T20:01:08.329369+00:00 https://vulnerability.circl.lu/sighting/5b334811-9c8b-456e-813c-57db8e78b550/export 5b334811-9c8b-456e-813c-57db8e78b550 2026-06-07T01:55:55.609479+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "5b334811-9c8b-456e-813c-57db8e78b550", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48152", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmucmavj2g2i", "content": "CVE-2026-48152 - Budibase: Basic app users can exfiltrate stored REST datasource auth by rewriting datasource base URL\nCVE ID : CVE-2026-48152\n \n Published : May 27, 2026, 6:16 p.m. | 15\u00a0minutes ago\n \n Description : Budibase is an open-source low-code platform. Prior to 3.39.0...", "creation_timestamp": "2026-05-27T20:06:08.893382Z"} 2026-05-27T20:06:08.893382+00:00 https://vulnerability.circl.lu/sighting/be3899d9-c7ec-4a21-bf42-216c84edbfb3/export be3899d9-c7ec-4a21-bf42-216c84edbfb3 2026-06-07T01:55:55.609358+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "be3899d9-c7ec-4a21-bf42-216c84edbfb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48155", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwk6k2inb2p", "content": "CVE-2026-48155 - pypdf: Possible large memory usage for large offsets for layout mode text\nCVE ID : CVE-2026-48155\n \n Published : May 28, 2026, 4:16 p.m. | 15\u00a0minutes ago\n \n Description : pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who...", "creation_timestamp": "2026-05-28T17:26:57.817533Z"} 2026-05-28T17:26:57.817533+00:00 https://vulnerability.circl.lu/sighting/e4a04e74-04b8-40d0-9326-06f325734af0/export e4a04e74-04b8-40d0-9326-06f325734af0 2026-06-07T01:55:55.608250+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "e4a04e74-04b8-40d0-9326-06f325734af0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48156", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwkejpygx2o", "content": "CVE-2026-48156 - pypdf: Possible long runtimes for zero-only width values in cross-reference streams\nCVE ID : CVE-2026-48156\n \n Published : May 28, 2026, 4:16 p.m. | 15\u00a0minutes ago\n \n Description : pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an at...", "creation_timestamp": "2026-05-28T17:30:19.178549Z"} 2026-05-28T17:30:19.178549+00:00