https://vulnerability.circl.lu/sightings/feed 2026-06-28T00:16:02.800971+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/64e3fa8f-31ef-4b71-8bf6-325c4f08b3df/export 2026-06-28T00:16:02.825195+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "64e3fa8f-31ef-4b71-8bf6-325c4f08b3df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56073", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moohtqinc627", "content": "CVE-2026-56073 - Cap-go - OTP Bypass via Response Manipulation in Email Verification\nCVE ID : CVE-2026-56073\n \n Published : June 19, 2026, 9:39 p.m. | 1\u00a0hour, 30\u00a0minutes ago\n \n Description : Cap-go before 12.128.2 contains an authentication bypass vulnerability in OTP verifica...", "creation_timestamp": "2026-06-19T23:14:13.486897Z"} 2026-06-19T23:14:13.486897+00:00 https://vulnerability.circl.lu/sighting/c2c38aa7-3412-46e3-9849-74827f058f5a/export 2026-06-28T00:16:02.825089+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "c2c38aa7-3412-46e3-9849-74827f058f5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56073", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116780199172553168", "content": "CVE-2026-56073 (CRITICAL) affects Cap-go capgo <12.128.2: Insufficient data authenticity checks allow OTP bypass, enabling attackers to activate 2FA & take over accounts. No patch yet \u2014 monitor vendor updates. https://radar.offseq.com/threat/cve-2026-56073-insufficient-verification-of-data-a-d7403d6896f5b084 #OffSeq #CVE #Infosec #AppSec", "creation_timestamp": "2026-06-20T03:00:27.713564Z"} 2026-06-20T03:00:27.713564+00:00 https://vulnerability.circl.lu/sighting/bdb6f574-09db-4040-be0d-8efc1512d522/export 2026-06-28T00:16:02.824983+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "bdb6f574-09db-4040-be0d-8efc1512d522", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56073", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3moouic4kvn2u", "content": "Cap-go capgo (<12.128.2) hit by CRITICAL CVE-2026-56073: OTP auth bypass lets attackers enable 2FA & take over accounts. No patch \u2014 monitor vendor channels for updates. https://radar.offseq.com/threat/cve-2026-56073-insufficient-verification-of-data-a-d7403d6896f5b084 #OffSeq #CVE #Security", "creation_timestamp": "2026-06-20T03:00:28.714462Z"} 2026-06-20T03:00:28.714462+00:00 https://vulnerability.circl.lu/sighting/4c59b0fb-700f-4a87-a253-6d7153d54cba/export 2026-06-28T00:16:02.824872+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "4c59b0fb-700f-4a87-a253-6d7153d54cba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56073", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mop3ix2tpp2z", "content": "Daily IT Security Digest \u2014 2026-06-20\nCVE-2026-56073 (CRITICAL) allows OTP bypass through insufficient data authenticity checks, enabling attackers to activate two-factor authentication and take over accounts. EUVD-2026-38100 (8.7) and EUVD-2026-38099 (6.9) involve information disclosure via", "creation_timestamp": "2026-06-20T05:06:06.409474Z"} 2026-06-20T05:06:06.409474+00:00 https://vulnerability.circl.lu/sighting/50e46777-b304-4f79-9e9b-3641a6407f28/export 2026-06-28T00:16:02.824711+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "50e46777-b304-4f79-9e9b-3641a6407f28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56073", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mopbujmpzo2r", "content": "Cap-go 12.128.2\u672a\u6e80\u306eOTP\u8a8d\u8a3c\u306b\u8106\u5f31\u6027\u3002\u653b\u6483\u8005\u306f\u30e1\u30fc\u30eb\u691c\u8a3c\u3092\u8fc2\u56de\u3057\u30012FA\u4e0d\u6b63\u6709\u52b9\u5316\u3084\u30a2\u30ab\u30a6\u30f3\u30c8\u4e57\u3063\u53d6\u308a\u304c\u53ef\u80fd\u3002\nCVE-2026-56073 CVSS 9.4 | CRITICAL", "creation_timestamp": "2026-06-20T06:59:57.193692Z"} 2026-06-20T06:59:57.193692+00:00 https://vulnerability.circl.lu/sighting/72323327-b4a6-40b3-8535-ac2e173677f8/export 2026-06-28T00:16:02.821879+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "72323327-b4a6-40b3-8535-ac2e173677f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56073", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motn57zsyx2v", "content": "\ud83d\udea8 ALERT: CVE-2026-56073\n\nCVSS 9.4/10\n\n\ud83d\udccb WHAT IT IS:\nCap-go before 12.128.2 contains an authentication bypass vulnerability in OTP verification that allows attackers to bypass email verification by modifying server responses. Attackers can intercept OTP verification requests and manipulate HTTP resp", "creation_timestamp": "2026-06-22T00:32:19.300425Z"} 2026-06-22T00:32:19.300425+00:00