<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-16T23:35:18.244340+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/33875bd1-2c6b-4cd7-9d2a-5d5f4227abe6/export</id>
    <title>33875bd1-2c6b-4cd7-9d2a-5d5f4227abe6</title>
    <updated>2026-07-16T23:35:18.263532+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "33875bd1-2c6b-4cd7-9d2a-5d5f4227abe6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-52893", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqpxqavaqm2i", "content": "CVE-2026-52893 - Wekan: OIDC Account Takeover via Unconditional Email-Based Account Merge in onCreateUser hook\nCVE ID : CVE-2026-52893\n \n Published : July 15, 2026, 10:17 p.m. | 17\u00a0minutes ago\n \n Description : Wekan is open source kanban built with Meteor. Prior to 9.32, the W...", "creation_timestamp": "2026-07-16T00:21:39.248994Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/33875bd1-2c6b-4cd7-9d2a-5d5f4227abe6/export"/>
    <published>2026-07-16T00:21:39.248994+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/485fa4cc-40f8-4b15-be09-c61c09a6d2dc/export</id>
    <title>485fa4cc-40f8-4b15-be09-c61c09a6d2dc</title>
    <updated>2026-07-16T23:35:18.265745+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "485fa4cc-40f8-4b15-be09-c61c09a6d2dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-52893", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqptj4dkuq2w", "content": "CVE-2026-52893 - wekan\nWekan users are at risk if their email address is shared with an attacker using an OpenID Connect (OIDC) account. This vulnerability is fixed in Wekan version 9.32, so update to the latest\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#wekan #CVE #infosec", "creation_timestamp": "2026-07-15T23:06:04.667647Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/485fa4cc-40f8-4b15-be09-c61c09a6d2dc/export"/>
    <published>2026-07-15T23:06:04.667647+00:00</published>
  </entry>
</feed>
