<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-12T04:31:49.641814+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/35b06be8-e127-4ed8-825d-8b96051085b4/export</id>
    <title>35b06be8-e127-4ed8-825d-8b96051085b4</title>
    <updated>2026-07-12T04:31:49.663975+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "35b06be8-e127-4ed8-825d-8b96051085b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "seen", "source": "https://bsky.app/profile/vulnsea.com/post/3mqfjy535kc2p", "content": "\ud83c\udf11 HADAL \u00b7 actively exploited critical\nCVE-2026-56291: The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arbitrary file upload that allows uploading exec\u2026\nCVSS 9.8 \u00b7 EPSS 0.8% \u00b7 CISA KEV \u00b7 0day\nhttps://beta.vulnsea.com/cve/CVE-2026-56291\n\n#CVE #infosec #cybersecurity #threatintel", "creation_timestamp": "2026-07-11T20:48:54.092666Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/35b06be8-e127-4ed8-825d-8b96051085b4/export"/>
    <published>2026-07-11T20:48:54.092666+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c5e2e593-7508-4973-bffa-30b0a4562194/export</id>
    <title>c5e2e593-7508-4973-bffa-30b0a4562194</title>
    <updated>2026-07-12T04:31:49.665691+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c5e2e593-7508-4973-bffa-30b0a4562194", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56291", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mqebrjho4z2k", "content": "A perfect 10. That's the CVSS score for this one.\n\nCVE-2026-56291.\n\nhttps://www.yazoul.net/advisory/cve/cve-2026-56291-balbooa-forms-unauthenticated-rce-exploited/\n\n#CyberSecurity #PatchNow", "creation_timestamp": "2026-07-11T08:49:23.026355Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c5e2e593-7508-4973-bffa-30b0a4562194/export"/>
    <published>2026-07-11T08:49:23.026355+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/79017480-3fda-42e1-9ed6-48d6d54a490a/export</id>
    <title>79017480-3fda-42e1-9ed6-48d6d54a490a</title>
    <updated>2026-07-12T04:31:49.665806+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "79017480-3fda-42e1-9ed6-48d6d54a490a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqdlc7ntu62d", "content": "\ud83d\udccc CVE-2026-56291 - The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full ... https://www.cyberhub.blog/cves/CVE-2026-56291", "creation_timestamp": "2026-07-11T02:07:06.837562Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/79017480-3fda-42e1-9ed6-48d6d54a490a/export"/>
    <published>2026-07-11T02:07:06.837562+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d8a4ab19-c0a6-4b4c-94a8-0bff151baf53/export</id>
    <title>d8a4ab19-c0a6-4b4c-94a8-0bff151baf53</title>
    <updated>2026-07-12T04:31:49.665895+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d8a4ab19-c0a6-4b4c-94a8-0bff151baf53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6961010", "content": "2026-07-10: [CVE-2026-56291] Balbooa Forms Unrestricted Upload of File with Dangerous Type VulnerabilityBalbooa Forms contains an unrestricted upload of file with dangerous type vulnerability that allows an unauthenticated arbitrary file upload which could allow uploading of executable files leading to full RCE.\ncisakev", "creation_timestamp": "2026-07-10T21:00:34.038500Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d8a4ab19-c0a6-4b4c-94a8-0bff151baf53/export"/>
    <published>2026-07-10T21:00:34.038500+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e9093ec0-6b07-499f-8210-ea42aaa0e23a/export</id>
    <title>e9093ec0-6b07-499f-8210-ea42aaa0e23a</title>
    <updated>2026-07-12T04:31:49.665979+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e9093ec0-6b07-499f-8210-ea42aaa0e23a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mqcr4thq7p2j", "content": "\ud83d\uded1 CVE-2026-56291\nBalbooa Forms\nCVSS 10.0 / EPSS 0% / KEV \u2705\nTL;DR: The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arbitrary file upload t\u2026\nhttps://cvesentinel.com/report/CVE-2026-56291?utm_source=bluesky&amp;amp;utm_medium=social&amp;amp;utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-07-10T18:18:48.716003Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e9093ec0-6b07-499f-8210-ea42aaa0e23a/export"/>
    <published>2026-07-10T18:18:48.716003+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/432d1805-bc35-4faa-90ea-ad5d011cfcd9/export</id>
    <title>432d1805-bc35-4faa-90ea-ad5d011cfcd9</title>
    <updated>2026-07-12T04:31:49.666062+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "432d1805-bc35-4faa-90ea-ad5d011cfcd9", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/7f8175a4-d002-4926-ad93-9c4b5f79efc9", "content": "", "creation_timestamp": "2026-07-10T18:00:24.652822Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/432d1805-bc35-4faa-90ea-ad5d011cfcd9/export"/>
    <published>2026-07-10T18:00:24.652822+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/92e2ef8f-d2e2-4918-bf2c-700fc0fc3b85/export</id>
    <title>92e2ef8f-d2e2-4918-bf2c-700fc0fc3b85</title>
    <updated>2026-07-12T04:31:49.666143+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "92e2ef8f-d2e2-4918-bf2c-700fc0fc3b85", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/2441e572-031d-4f21-a37b-f97ea742bf70", "content": "", "creation_timestamp": "2026-07-10T18:00:02.597504Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/92e2ef8f-d2e2-4918-bf2c-700fc0fc3b85/export"/>
    <published>2026-07-10T18:00:02.597504+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/006e5266-04a2-4f05-8d60-22113691a7e5/export</id>
    <title>006e5266-04a2-4f05-8d60-22113691a7e5</title>
    <updated>2026-07-12T04:31:49.666224+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "006e5266-04a2-4f05-8d60-22113691a7e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116896829543133479", "content": "CISA has added two vulnerabilities to the KEV catalogue.\n-  CVE-2026-48939: iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-48939\n-  CVE-2026-56291: Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-56291 #CISA #infosec #vulnerability", "creation_timestamp": "2026-07-10T17:21:04.803099Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/006e5266-04a2-4f05-8d60-22113691a7e5/export"/>
    <published>2026-07-10T17:21:04.803099+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3ce5e181-ab04-4604-94f8-bfa1df6b5e7a/export</id>
    <title>3ce5e181-ab04-4604-94f8-bfa1df6b5e7a</title>
    <updated>2026-07-12T04:31:49.666305+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3ce5e181-ab04-4604-94f8-bfa1df6b5e7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq7lnwtosi2x", "content": "CVE-2026-56291 - Joomla Extension - balbooa.com - Unauthenticated file upload in Balbooa Forms extension\nCVE ID : CVE-2026-56291\n \n Published : July 9, 2026, 11:16 a.m. | 32\u00a0minutes ago\n \n Description : The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arb...", "creation_timestamp": "2026-07-09T12:03:01.091980Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3ce5e181-ab04-4604-94f8-bfa1df6b5e7a/export"/>
    <published>2026-07-09T12:03:01.091980+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/596be121-8685-40e9-802b-8ecb5f64837f/export</id>
    <title>596be121-8685-40e9-802b-8ecb5f64837f</title>
    <updated>2026-07-12T04:31:49.666385+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "596be121-8685-40e9-802b-8ecb5f64837f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56291", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mq7ljhukn42i", "content": "CRITICAL: Balbooa Forms for Joomla (1.0 \u2013 2.4.0) lets unauthenticated attackers upload and run files, enabling full RCE. No patch out. Restrict or disable use now. https://radar.offseq.com/threat/cve-2026-56291-cwe-434-unrestricted-upload-of-file-aa89baa3213ad239 #OffSeq #Joomla #Security", "creation_timestamp": "2026-07-09T12:00:31.415727Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/596be121-8685-40e9-802b-8ecb5f64837f/export"/>
    <published>2026-07-09T12:00:31.415727+00:00</published>
  </entry>
</feed>
