<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Tue, 14 Jul 2026 21:24:49 +0000</lastBuildDate>
    <item>
      <title>cf4a1f6d-7693-4d76-a9ee-c13ab361ec0a</title>
      <link>https://vulnerability.circl.lu/sighting/cf4a1f6d-7693-4d76-a9ee-c13ab361ec0a/export</link>
      <description>{"uuid": "cf4a1f6d-7693-4d76-a9ee-c13ab361ec0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41003", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3mombbn42ys2n", "content": "Spring Security\u3068Spring WS\u304cXSS\u30fbSSRF\u30fbXXE\u30fbBSP\u691c\u8a3c\u30d0\u30a4\u30d1\u30b9\u3092\u542b\u3080\u8907\u6570\u306e\u8106\u5f31\u6027\u3092\u4fee\u6b63(CVE-2026-41003,CVE-2026-40999)\u4ed6\nrocket-boys.co.jp/security-mea...\n\n#\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56Lab #security #securitynews", "creation_timestamp": "2026-06-19T02:11:28.280293Z"}</description>
      <content:encoded>{"uuid": "cf4a1f6d-7693-4d76-a9ee-c13ab361ec0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41003", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3mombbn42ys2n", "content": "Spring Security\u3068Spring WS\u304cXSS\u30fbSSRF\u30fbXXE\u30fbBSP\u691c\u8a3c\u30d0\u30a4\u30d1\u30b9\u3092\u542b\u3080\u8907\u6570\u306e\u8106\u5f31\u6027\u3092\u4fee\u6b63(CVE-2026-41003,CVE-2026-40999)\u4ed6\nrocket-boys.co.jp/security-mea...\n\n#\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56Lab #security #securitynews", "creation_timestamp": "2026-06-19T02:11:28.280293Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/cf4a1f6d-7693-4d76-a9ee-c13ab361ec0a/export</guid>
      <pubDate>Fri, 19 Jun 2026 02:11:28 +0000</pubDate>
    </item>
    <item>
      <title>5df30ba5-8995-46d2-87fb-4165ad6a270f</title>
      <link>https://vulnerability.circl.lu/sighting/5df30ba5-8995-46d2-87fb-4165ad6a270f/export</link>
      <description>{"uuid": "5df30ba5-8995-46d2-87fb-4165ad6a270f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41001", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mofrmmqg672x", "content": "\ud83d\udd17 CVE : CVE-2026-41001, CVE-2026-41699, CVE-2026-41700, CVE-2026-41856", "creation_timestamp": "2026-06-16T12:15:14.515422Z"}</description>
      <content:encoded>{"uuid": "5df30ba5-8995-46d2-87fb-4165ad6a270f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41001", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mofrmmqg672x", "content": "\ud83d\udd17 CVE : CVE-2026-41001, CVE-2026-41699, CVE-2026-41700, CVE-2026-41856", "creation_timestamp": "2026-06-16T12:15:14.515422Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/5df30ba5-8995-46d2-87fb-4165ad6a270f/export</guid>
      <pubDate>Tue, 16 Jun 2026 12:15:14 +0000</pubDate>
    </item>
    <item>
      <title>9fffe5ed-8ba1-480c-bc62-bae31f313652</title>
      <link>https://vulnerability.circl.lu/sighting/9fffe5ed-8ba1-480c-bc62-bae31f313652/export</link>
      <description>{"uuid": "9fffe5ed-8ba1-480c-bc62-bae31f313652", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41005", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moban2bf3u2c", "content": "\ud83d\udd34 CVE-2026-41005 - Critical (9)\n\nCloud Foundry UAA incorrectly treated XML encryption to the Service Provider (confidentiality) as...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41005/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-14T17:00:36.824456Z"}</description>
      <content:encoded>{"uuid": "9fffe5ed-8ba1-480c-bc62-bae31f313652", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41005", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moban2bf3u2c", "content": "\ud83d\udd34 CVE-2026-41005 - Critical (9)\n\nCloud Foundry UAA incorrectly treated XML encryption to the Service Provider (confidentiality) as...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41005/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-14T17:00:36.824456Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/9fffe5ed-8ba1-480c-bc62-bae31f313652/export</guid>
      <pubDate>Sun, 14 Jun 2026 17:00:36 +0000</pubDate>
    </item>
    <item>
      <title>d65b94a5-e678-47df-bda4-331d2b7f03a7</title>
      <link>https://vulnerability.circl.lu/sighting/d65b94a5-e678-47df-bda4-331d2b7f03a7/export</link>
      <description>{"uuid": "d65b94a5-e678-47df-bda4-331d2b7f03a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41000", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mnzaoi3n5f2d", "content": "\ud83d\udd17 CVE : CVE-2026-40985, CVE-2026-40986, CVE-2026-40987, CVE-2026-40992, CVE-2026-40994, CVE-2026-40995, CVE-2026-40996, CVE-2026-40997, CVE-2026-40998, CVE-2026-40999, CVE-2026-41000, CVE-2026-41862", "creation_timestamp": "2026-06-11T12:40:07.835921Z"}</description>
      <content:encoded>{"uuid": "d65b94a5-e678-47df-bda4-331d2b7f03a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41000", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mnzaoi3n5f2d", "content": "\ud83d\udd17 CVE : CVE-2026-40985, CVE-2026-40986, CVE-2026-40987, CVE-2026-40992, CVE-2026-40994, CVE-2026-40995, CVE-2026-40996, CVE-2026-40997, CVE-2026-40998, CVE-2026-40999, CVE-2026-41000, CVE-2026-41862", "creation_timestamp": "2026-06-11T12:40:07.835921Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d65b94a5-e678-47df-bda4-331d2b7f03a7/export</guid>
      <pubDate>Thu, 11 Jun 2026 12:40:07 +0000</pubDate>
    </item>
    <item>
      <title>068170c2-12c0-4209-9416-dda11bc4b6bd</title>
      <link>https://vulnerability.circl.lu/sighting/068170c2-12c0-4209-9416-dda11bc4b6bd/export</link>
      <description>{"uuid": "068170c2-12c0-4209-9416-dda11bc4b6bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41001", "type": "seen", "source": "https://bsky.app/profile/0.5ritter.de/post/3mnyn2l2qo22u", "content": "Spring Boot 4.0.7 available now\n\nspring.io/blog/2026/06...\n\nThis release addresses the following CVEs:\n\n* CVE-2026-40992 \"Mail Auto-Configuration Does Not Enable SSL Hostname Verification\"\n* CVE-2026-41001 \"Predictable Temp Directory in Artemis Auto-configuration\"\n\n#java #spring #springboot", "creation_timestamp": "2026-06-11T06:49:09.603113Z"}</description>
      <content:encoded>{"uuid": "068170c2-12c0-4209-9416-dda11bc4b6bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41001", "type": "seen", "source": "https://bsky.app/profile/0.5ritter.de/post/3mnyn2l2qo22u", "content": "Spring Boot 4.0.7 available now\n\nspring.io/blog/2026/06...\n\nThis release addresses the following CVEs:\n\n* CVE-2026-40992 \"Mail Auto-Configuration Does Not Enable SSL Hostname Verification\"\n* CVE-2026-41001 \"Predictable Temp Directory in Artemis Auto-configuration\"\n\n#java #spring #springboot", "creation_timestamp": "2026-06-11T06:49:09.603113Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/068170c2-12c0-4209-9416-dda11bc4b6bd/export</guid>
      <pubDate>Thu, 11 Jun 2026 06:49:09 +0000</pubDate>
    </item>
    <item>
      <title>7bb0c5a9-cf5a-4783-8f0e-af09c2aaba79</title>
      <link>https://vulnerability.circl.lu/sighting/7bb0c5a9-cf5a-4783-8f0e-af09c2aaba79/export</link>
      <description>{"uuid": "7bb0c5a9-cf5a-4783-8f0e-af09c2aaba79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41001", "type": "seen", "source": "https://bsky.app/profile/0.5ritter.de/post/3mnymx7g2722u", "content": "Spring Boot 3.5.15 available now\n\nspring.io/blog/2026/06...\n\nThis release addresses the following CVEs:\n\n* CVE-2026-40992 \"Mail Auto-Configuration Does Not Enable SSL Hostname Verification\"\n* CVE-2026-41001 \"Predictable Temp Directory in Artemis Auto-configuration\"\n\n#java #spring #springboot", "creation_timestamp": "2026-06-11T06:47:07.173909Z"}</description>
      <content:encoded>{"uuid": "7bb0c5a9-cf5a-4783-8f0e-af09c2aaba79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41001", "type": "seen", "source": "https://bsky.app/profile/0.5ritter.de/post/3mnymx7g2722u", "content": "Spring Boot 3.5.15 available now\n\nspring.io/blog/2026/06...\n\nThis release addresses the following CVEs:\n\n* CVE-2026-40992 \"Mail Auto-Configuration Does Not Enable SSL Hostname Verification\"\n* CVE-2026-41001 \"Predictable Temp Directory in Artemis Auto-configuration\"\n\n#java #spring #springboot", "creation_timestamp": "2026-06-11T06:47:07.173909Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/7bb0c5a9-cf5a-4783-8f0e-af09c2aaba79/export</guid>
      <pubDate>Thu, 11 Jun 2026 06:47:07 +0000</pubDate>
    </item>
    <item>
      <title>2c325f98-8a13-40fc-9b6e-41de1c9626fa</title>
      <link>https://vulnerability.circl.lu/sighting/2c325f98-8a13-40fc-9b6e-41de1c9626fa/export</link>
      <description>{"uuid": "2c325f98-8a13-40fc-9b6e-41de1c9626fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41003", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnvt6vxdwr24", "content": "\ud83d\udfe0 CVE-2026-41003 - High (7.6)\n\nAn attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary cod...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41003/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-10T04:00:47.809658Z"}</description>
      <content:encoded>{"uuid": "2c325f98-8a13-40fc-9b6e-41de1c9626fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41003", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnvt6vxdwr24", "content": "\ud83d\udfe0 CVE-2026-41003 - High (7.6)\n\nAn attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary cod...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41003/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-10T04:00:47.809658Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/2c325f98-8a13-40fc-9b6e-41de1c9626fa/export</guid>
      <pubDate>Wed, 10 Jun 2026 04:00:47 +0000</pubDate>
    </item>
    <item>
      <title>98262acb-bffa-421f-9758-401bc57f057e</title>
      <link>https://vulnerability.circl.lu/sighting/98262acb-bffa-421f-9758-401bc57f057e/export</link>
      <description>{"uuid": "98262acb-bffa-421f-9758-401bc57f057e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41006", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnttir6rsy26", "content": "\ud83d\udfe0 CVE-2026-41006 - High (7.5)\n\nSpring HATEOAS's internal PropertyUtils.createObjectFromProperties method, used by the Collection...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41006/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-09T09:00:58.807669Z"}</description>
      <content:encoded>{"uuid": "98262acb-bffa-421f-9758-401bc57f057e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41006", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnttir6rsy26", "content": "\ud83d\udfe0 CVE-2026-41006 - High (7.5)\n\nSpring HATEOAS's internal PropertyUtils.createObjectFromProperties method, used by the Collection...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41006/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-09T09:00:58.807669Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/98262acb-bffa-421f-9758-401bc57f057e/export</guid>
      <pubDate>Tue, 09 Jun 2026 09:00:58 +0000</pubDate>
    </item>
    <item>
      <title>4026d5b8-3b1c-467a-a083-054b762af883</title>
      <link>https://vulnerability.circl.lu/sighting/4026d5b8-3b1c-467a-a083-054b762af883/export</link>
      <description>{"uuid": "4026d5b8-3b1c-467a-a083-054b762af883", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41007", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mntq6af5ab2n", "content": "\ud83d\udfe0 CVE-2026-41007 - High (7.5)\n\nSpring HATEOAS maintains an unbounded static cache of StringLinkRelation instances keyed on attac...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41007/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-09T08:01:23.707676Z"}</description>
      <content:encoded>{"uuid": "4026d5b8-3b1c-467a-a083-054b762af883", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41007", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mntq6af5ab2n", "content": "\ud83d\udfe0 CVE-2026-41007 - High (7.5)\n\nSpring HATEOAS maintains an unbounded static cache of StringLinkRelation instances keyed on attac...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41007/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-09T08:01:23.707676Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/4026d5b8-3b1c-467a-a083-054b762af883/export</guid>
      <pubDate>Tue, 09 Jun 2026 08:01:23 +0000</pubDate>
    </item>
    <item>
      <title>aaff4eea-e638-4de2-a6e5-d54aac6b71bf</title>
      <link>https://vulnerability.circl.lu/sighting/aaff4eea-e638-4de2-a6e5-d54aac6b71bf/export</link>
      <description>{"uuid": "aaff4eea-e638-4de2-a6e5-d54aac6b71bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41009", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmt6mzraeh2k", "content": "CVE-2026-41009 - Local Blobstore may allow arbitrary reads/deletes\nCVE ID : CVE-2026-41009\n \n Published : May 27, 2026, 8:16 a.m. | 15\u00a0minutes ago\n \n Description : When the director sends a long-running request (e.g. compile_package), the agent's reply JSON is consumed by Agen...", "creation_timestamp": "2026-05-27T09:22:20.219393Z"}</description>
      <content:encoded>{"uuid": "aaff4eea-e638-4de2-a6e5-d54aac6b71bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41009", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmt6mzraeh2k", "content": "CVE-2026-41009 - Local Blobstore may allow arbitrary reads/deletes\nCVE ID : CVE-2026-41009\n \n Published : May 27, 2026, 8:16 a.m. | 15\u00a0minutes ago\n \n Description : When the director sends a long-running request (e.g. compile_package), the agent's reply JSON is consumed by Agen...", "creation_timestamp": "2026-05-27T09:22:20.219393Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/aaff4eea-e638-4de2-a6e5-d54aac6b71bf/export</guid>
      <pubDate>Wed, 27 May 2026 09:22:20 +0000</pubDate>
    </item>
  </channel>
</rss>
