https://vulnerability.circl.lu/sightings/feed
Most recent sightings.
2026-06-24T22:32:26.451241+00:00
Vulnerability-Lookup
info@circl.lu
python-feedgen
Contains only the most 10 recent sightings.
https://vulnerability.circl.lu/sighting/e1417af8-e243-46f4-853c-3ddd8b377be2/export
e1417af8-e243-46f4-853c-3ddd8b377be2
2026-06-24T22:32:26.467307+00:00
Automation user
https://vulnerability.circl.lu/user/automation
{"uuid": "e1417af8-e243-46f4-853c-3ddd8b377be2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-53662", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116802848530420895", "content": "immich-app suffers CRITICAL reflected XSS (CVE-2026-53662) in /auth/login (commits 4ffa26c9 \u2013 4eb1003). Exploitation = persistent account takeover via API key minting. Update to commit 4eb1003 or later. https://radar.offseq.com/threat/cve-2026-53662-cwe-79-improper-neutralization-of-i-088d09407e2bf58b #OffSeq #CVE202653662 #XSS #infosec", "creation_timestamp": "2026-06-24T03:00:29.307456Z"}
2026-06-24T03:00:29.307456+00:00