https://vulnerability.circl.lu/sightings/feed 2026-06-19T04:09:05.705350+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/c481ba80-a904-4551-93ce-637d82942d76/export 2026-06-19T04:09:06.168488+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "c481ba80-a904-4551-93ce-637d82942d76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49268", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3moimkre7522k", "content": "CVE-2026-49268: Apache Shiro: LDAP DN Injection in DefaultLdapRealm", "creation_timestamp": "2026-06-17T15:22:42.772488Z"} 2026-06-17T15:22:42.772488+00:00 https://vulnerability.circl.lu/sighting/86ce5027-bff0-414b-8fdb-98b3e6938875/export 2026-06-19T04:09:06.167094+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "86ce5027-bff0-414b-8fdb-98b3e6938875", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49268", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3molcr4tjop2y", "content": "Apache Shiro patched CVE-2026-49268: DefaultLdapRealm did not escape RFC 2253 special characters in usernames, allowing LDAP DN injection. Fixed in 2.2.1 and 3.0.0-alpha-2. Input that flows into a directory query needs escaping every time. When did you last audit your Shiro realm config?\n\n#security", "creation_timestamp": "2026-06-18T17:05:17.919201Z"} 2026-06-18T17:05:17.919201+00:00