Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-21T17:03:09.359422+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/29a61683-cd36-4ea8-9c07-e180fb539fc1/export 29a61683-cd36-4ea8-9c07-e180fb539fc1 2026-06-21T17:03:09.760225+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "29a61683-cd36-4ea8-9c07-e180fb539fc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-54390", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3molhj2cqpl2v", "content": "CVE-2026-54390: CRITICAL template injection in JTL Shop 5.2.0 \u2013 5.7.1 lets attackers access secrets & achieve RCE. No patch \u2014 restrict access & monitor for abuse. https://radar.offseq.com/threat/cve-2026-54390-improper-neutralization-of-special--56e42e7fa37d20ee #OffSeq #CVE202654390 #websecurity", "creation_timestamp": "2026-06-18T18:30:15.890123Z"} 2026-06-18T18:30:15.890123+00:00 https://vulnerability.circl.lu/sighting/3beb0c21-6e0e-4f1d-94fe-0a72cdd71645/export 3beb0c21-6e0e-4f1d-94fe-0a72cdd71645 2026-06-21T17:03:09.760106+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "3beb0c21-6e0e-4f1d-94fe-0a72cdd71645", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-54390", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116772530635095713", "content": "CRITICAL: CVE-2026-54390 in JTL Shop (5.2.0 \u2013 5.7.1) enables unauthenticated template injection. Attackers can extract secrets; RCE possible in 5.4.0+. No patch yet \u2014 restrict access & monitor logs. https://radar.offseq.com/threat/cve-2026-54390-improper-neutralization-of-special--56e42e7fa37d20ee #OffSeq #CVE202654390 #infosec #websecurity", "creation_timestamp": "2026-06-18T18:30:17.105039Z"} 2026-06-18T18:30:17.105039+00:00 https://vulnerability.circl.lu/sighting/81de25ff-d0d3-49fc-ad55-e6f7401ff04a/export 81de25ff-d0d3-49fc-ad55-e6f7401ff04a 2026-06-21T17:03:09.758175+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "81de25ff-d0d3-49fc-ad55-e6f7401ff04a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54390", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3molrr3wyz52f", "content": "CVE-2026-54390 - JTL Shop\nCVE ID : CVE-2026-54390\n \n Published : June 18, 2026, 5:33 p.m. | 3\u00a0hours, 35\u00a0minutes ago\n \n Description : JTL Shop versions 5.2.0 through 5.7.1 contains a server-side template injection vulnerability that allows unauthenticated attackers to inject ma...", "creation_timestamp": "2026-06-18T21:33:43.085836Z"} 2026-06-18T21:33:43.085836+00:00