<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Wed, 15 Jul 2026 20:42:01 +0000</lastBuildDate>
    <item>
      <title>30142aec-3213-45e4-b8e6-731ba529fce0</title>
      <link>https://vulnerability.circl.lu/sighting/30142aec-3213-45e4-b8e6-731ba529fce0/export</link>
      <description>{"uuid": "30142aec-3213-45e4-b8e6-731ba529fce0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10797", "type": "seen", "source": "https://bsky.app/profile/cyfar.ca/post/3mqpkd2blru2p", "content": "@esetresearch.bsky.social\n11 old Microsoft-signed UEFI shims allow bypassing Secure Boot to deploy bootkits; patched in June 2026 Patch Tuesday.\n-\nIOCs: CVE-2026-8863, CVE-2026-10797\n-\n#SecureBoot #ThreatIntel #UEFI", "creation_timestamp": "2026-07-15T20:21:38.144941Z"}</description>
      <content:encoded>{"uuid": "30142aec-3213-45e4-b8e6-731ba529fce0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10797", "type": "seen", "source": "https://bsky.app/profile/cyfar.ca/post/3mqpkd2blru2p", "content": "@esetresearch.bsky.social\n11 old Microsoft-signed UEFI shims allow bypassing Secure Boot to deploy bootkits; patched in June 2026 Patch Tuesday.\n-\nIOCs: CVE-2026-8863, CVE-2026-10797\n-\n#SecureBoot #ThreatIntel #UEFI", "creation_timestamp": "2026-07-15T20:21:38.144941Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/30142aec-3213-45e4-b8e6-731ba529fce0/export</guid>
      <pubDate>Wed, 15 Jul 2026 20:21:38 +0000</pubDate>
    </item>
    <item>
      <title>0fff37c0-c74f-4900-abc7-0b8e1b00db72</title>
      <link>https://vulnerability.circl.lu/sighting/0fff37c0-c74f-4900-abc7-0b8e1b00db72/export</link>
      <description>{"uuid": "0fff37c0-c74f-4900-abc7-0b8e1b00db72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10797", "type": "seen", "source": "https://infosec.exchange/users/ESETresearch/statuses/116917582564392811", "content": "#ESETresearch discovered and reported to @certcc 11 old Microsoft-signed UEFI shim bootloaders that allow bypassing UEFI Secure Boot on most UEFI systems. Read about it at https://www.welivesecurity.com/en/eset-research/forgotten-uefi-shims-undermining-secure-boot/ Tracked by #CVE-2026-8863 and #CVE-2026-10797, all these vulnerable shims were revoked in Microsoft\u2019s June Patch Tuesday updates.  \nhttps://www.cve.org/CVERecord?id=CVE-2026-8863 \nhttps://www.cve.org/CVERecord?id=CVE-2026-10797Exploiting these vulnerable shims allows execution of untrusted code at system boot by using the Bring Your Own Vulnerable Driver (#BYOVD) technique, enabling deployment of malicious UEFI bootkits on systems that trust the Microsoft Corporation UEFI CA 2011 certificate. What makes these old shims dangerous is not a novel vulnerability, it\u2019s that no new vulnerability is needed to bypass Secure Boot. Just an old, still-trusted, unrevoked shim and basic knowledge of how UEFI works is enough to bypass UEFI Secure Boot and deploy a UEFI bootkit. For more details and instructions on how to verify that the dbx patches were properly applied on your system, read our blogpost:https://www.welivesecurity.com/en/eset-research/forgotten-uefi-shims-undermining-secure-boot/", "creation_timestamp": "2026-07-14T09:19:03.143941Z"}</description>
      <content:encoded>{"uuid": "0fff37c0-c74f-4900-abc7-0b8e1b00db72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10797", "type": "seen", "source": "https://infosec.exchange/users/ESETresearch/statuses/116917582564392811", "content": "#ESETresearch discovered and reported to @certcc 11 old Microsoft-signed UEFI shim bootloaders that allow bypassing UEFI Secure Boot on most UEFI systems. Read about it at https://www.welivesecurity.com/en/eset-research/forgotten-uefi-shims-undermining-secure-boot/ Tracked by #CVE-2026-8863 and #CVE-2026-10797, all these vulnerable shims were revoked in Microsoft\u2019s June Patch Tuesday updates.  \nhttps://www.cve.org/CVERecord?id=CVE-2026-8863 \nhttps://www.cve.org/CVERecord?id=CVE-2026-10797Exploiting these vulnerable shims allows execution of untrusted code at system boot by using the Bring Your Own Vulnerable Driver (#BYOVD) technique, enabling deployment of malicious UEFI bootkits on systems that trust the Microsoft Corporation UEFI CA 2011 certificate. What makes these old shims dangerous is not a novel vulnerability, it\u2019s that no new vulnerability is needed to bypass Secure Boot. Just an old, still-trusted, unrevoked shim and basic knowledge of how UEFI works is enough to bypass UEFI Secure Boot and deploy a UEFI bootkit. For more details and instructions on how to verify that the dbx patches were properly applied on your system, read our blogpost:https://www.welivesecurity.com/en/eset-research/forgotten-uefi-shims-undermining-secure-boot/", "creation_timestamp": "2026-07-14T09:19:03.143941Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0fff37c0-c74f-4900-abc7-0b8e1b00db72/export</guid>
      <pubDate>Tue, 14 Jul 2026 09:19:03 +0000</pubDate>
    </item>
    <item>
      <title>fee2f5f6-4982-4eef-8e94-e3ec635db9ba</title>
      <link>https://vulnerability.circl.lu/sighting/fee2f5f6-4982-4eef-8e94-e3ec635db9ba/export</link>
      <description>{"uuid": "fee2f5f6-4982-4eef-8e94-e3ec635db9ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10797", "type": "seen", "source": "https://bsky.app/profile/esetresearch.bsky.social/post/3mqlustror224", "content": "Tracked by #CVE-2026-8863 and #CVE-2026-10797, all these vulnerable shims were revoked in Microsoft\u2019s June Patch Tuesday updates.  \n\nwww.cve.org/CVERecord?id... \n\nwww.cve.org/CVERecord?id... 2/5", "creation_timestamp": "2026-07-14T09:18:51.314759Z"}</description>
      <content:encoded>{"uuid": "fee2f5f6-4982-4eef-8e94-e3ec635db9ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10797", "type": "seen", "source": "https://bsky.app/profile/esetresearch.bsky.social/post/3mqlustror224", "content": "Tracked by #CVE-2026-8863 and #CVE-2026-10797, all these vulnerable shims were revoked in Microsoft\u2019s June Patch Tuesday updates.  \n\nwww.cve.org/CVERecord?id... \n\nwww.cve.org/CVERecord?id... 2/5", "creation_timestamp": "2026-07-14T09:18:51.314759Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/fee2f5f6-4982-4eef-8e94-e3ec635db9ba/export</guid>
      <pubDate>Tue, 14 Jul 2026 09:18:51 +0000</pubDate>
    </item>
    <item>
      <title>e38ebf78-1e6b-4dfc-8dab-15c012296ef2</title>
      <link>https://vulnerability.circl.lu/sighting/e38ebf78-1e6b-4dfc-8dab-15c012296ef2/export</link>
      <description>{"uuid": "e38ebf78-1e6b-4dfc-8dab-15c012296ef2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10797", "type": "seen", "source": "https://bsky.app/profile/esetresearch.bsky.social/post/3mqlustrku224", "content": "Tracked by #CVE-2026-8863 and #CVE-2026-10797, all these vulnerable shims were revoked in Microsoft\u2019s June Patch Tuesday updates.  \n\nwww.cve.org/CVERecord?id... \n\nwww.cve.org/CVERecord?id... 2/5", "creation_timestamp": "2026-07-14T09:18:50.841603Z"}</description>
      <content:encoded>{"uuid": "e38ebf78-1e6b-4dfc-8dab-15c012296ef2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10797", "type": "seen", "source": "https://bsky.app/profile/esetresearch.bsky.social/post/3mqlustrku224", "content": "Tracked by #CVE-2026-8863 and #CVE-2026-10797, all these vulnerable shims were revoked in Microsoft\u2019s June Patch Tuesday updates.  \n\nwww.cve.org/CVERecord?id... \n\nwww.cve.org/CVERecord?id... 2/5", "creation_timestamp": "2026-07-14T09:18:50.841603Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e38ebf78-1e6b-4dfc-8dab-15c012296ef2/export</guid>
      <pubDate>Tue, 14 Jul 2026 09:18:50 +0000</pubDate>
    </item>
    <item>
      <title>cb47e7ea-4bd5-4836-a18c-914bf8e1d531</title>
      <link>https://vulnerability.circl.lu/sighting/cb47e7ea-4bd5-4836-a18c-914bf8e1d531/export</link>
      <description>{"uuid": "cb47e7ea-4bd5-4836-a18c-914bf8e1d531", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10797", "type": "seen", "source": "https://bsky.app/profile/esetresearch.bsky.social/post/3mqlustrgx224", "content": "Tracked by #CVE-2026-8863 and #CVE-2026-10797, all these vulnerable shims were revoked in Microsoft\u2019s June Patch Tuesday updates.  \n\nwww.cve.org/CVERecord?id... \n\nwww.cve.org/CVERecord?id... 2/5", "creation_timestamp": "2026-07-14T09:18:50.372893Z"}</description>
      <content:encoded>{"uuid": "cb47e7ea-4bd5-4836-a18c-914bf8e1d531", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10797", "type": "seen", "source": "https://bsky.app/profile/esetresearch.bsky.social/post/3mqlustrgx224", "content": "Tracked by #CVE-2026-8863 and #CVE-2026-10797, all these vulnerable shims were revoked in Microsoft\u2019s June Patch Tuesday updates.  \n\nwww.cve.org/CVERecord?id... \n\nwww.cve.org/CVERecord?id... 2/5", "creation_timestamp": "2026-07-14T09:18:50.372893Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/cb47e7ea-4bd5-4836-a18c-914bf8e1d531/export</guid>
      <pubDate>Tue, 14 Jul 2026 09:18:50 +0000</pubDate>
    </item>
    <item>
      <title>7995ac18-c268-46f8-99a5-bd957b88e039</title>
      <link>https://vulnerability.circl.lu/sighting/7995ac18-c268-46f8-99a5-bd957b88e039/export</link>
      <description>{"uuid": "7995ac18-c268-46f8-99a5-bd957b88e039", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10797", "type": "seen", "source": "https://bsky.app/profile/esetresearch.bsky.social/post/3mqlustra4c24", "content": "Tracked by #CVE-2026-8863 and #CVE-2026-10797, all these vulnerable shims were revoked in Microsoft\u2019s June Patch Tuesday updates.  \n\nwww.cve.org/CVERecord?id... \n\nwww.cve.org/CVERecord?id... 2/5", "creation_timestamp": "2026-07-14T09:18:49.932318Z"}</description>
      <content:encoded>{"uuid": "7995ac18-c268-46f8-99a5-bd957b88e039", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10797", "type": "seen", "source": "https://bsky.app/profile/esetresearch.bsky.social/post/3mqlustra4c24", "content": "Tracked by #CVE-2026-8863 and #CVE-2026-10797, all these vulnerable shims were revoked in Microsoft\u2019s June Patch Tuesday updates.  \n\nwww.cve.org/CVERecord?id... \n\nwww.cve.org/CVERecord?id... 2/5", "creation_timestamp": "2026-07-14T09:18:49.932318Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/7995ac18-c268-46f8-99a5-bd957b88e039/export</guid>
      <pubDate>Tue, 14 Jul 2026 09:18:49 +0000</pubDate>
    </item>
    <item>
      <title>aa9ec4fb-9265-4e94-9779-3a9f050ee187</title>
      <link>https://vulnerability.circl.lu/sighting/aa9ec4fb-9265-4e94-9779-3a9f050ee187/export</link>
      <description>{"uuid": "aa9ec4fb-9265-4e94-9779-3a9f050ee187", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10797", "type": "seen", "source": "https://bsky.app/profile/esetresearch.bsky.social/post/3mqlusqj43c24", "content": "Tracked by #CVE-2026-8863 and #CVE-2026-10797, all these vulnerable shims were revoked in Microsoft\u2019s June Patch Tuesday updates.  \n\nwww.cve.org/CVERecord?id... \n\nwww.cve.org/CVERecord?id... 2/5", "creation_timestamp": "2026-07-14T09:18:49.458399Z"}</description>
      <content:encoded>{"uuid": "aa9ec4fb-9265-4e94-9779-3a9f050ee187", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10797", "type": "seen", "source": "https://bsky.app/profile/esetresearch.bsky.social/post/3mqlusqj43c24", "content": "Tracked by #CVE-2026-8863 and #CVE-2026-10797, all these vulnerable shims were revoked in Microsoft\u2019s June Patch Tuesday updates.  \n\nwww.cve.org/CVERecord?id... \n\nwww.cve.org/CVERecord?id... 2/5", "creation_timestamp": "2026-07-14T09:18:49.458399Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/aa9ec4fb-9265-4e94-9779-3a9f050ee187/export</guid>
      <pubDate>Tue, 14 Jul 2026 09:18:49 +0000</pubDate>
    </item>
  </channel>
</rss>
