https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 25 Jun 2026 14:01:43 +0000 https://vulnerability.circl.lu/sighting/bf73fd9f-68f2-430b-aa2d-78c5ff9821c3/export {"uuid": "bf73fd9f-68f2-430b-aa2d-78c5ff9821c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55454", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mp34rdzebt2t", "content": "Appsmith <2.1 has a CRITICAL vuln (CVE-2026-55454): low-priv users can exploit internal Caddy admin API via SSRF to control the reverse proxy. Upgrade to 2.1+ immediately. https://radar.offseq.com/threat/cve-2026-55454-cwe-749-exposed-dangerous-method-or-64dab1aa9059ef90 #OffSeq #appsmith #security", "creation_timestamp": "2026-06-25T00:00:40.120443Z"} {"uuid": "bf73fd9f-68f2-430b-aa2d-78c5ff9821c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55454", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mp34rdzebt2t", "content": "Appsmith <2.1 has a CRITICAL vuln (CVE-2026-55454): low-priv users can exploit internal Caddy admin API via SSRF to control the reverse proxy. Upgrade to 2.1+ immediately. https://radar.offseq.com/threat/cve-2026-55454-cwe-749-exposed-dangerous-method-or-64dab1aa9059ef90 #OffSeq #appsmith #security", "creation_timestamp": "2026-06-25T00:00:40.120443Z"} https://vulnerability.circl.lu/sighting/bf73fd9f-68f2-430b-aa2d-78c5ff9821c3/export Thu, 25 Jun 2026 00:00:40 +0000 https://vulnerability.circl.lu/sighting/69a932d7-60a6-4ea2-a3a7-bbc91219e372/export {"uuid": "69a932d7-60a6-4ea2-a3a7-bbc91219e372", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55454", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116807803619283441", "content": "CVE-2026-55454: CRITICAL (CVSS 9.9) vuln in appsmithorg Appsmith <2.1. Unauth Caddy admin API inside container can be exploited via SSRF by low-priv users to control reverse proxy. Upgrade to 2.1+ ASAP. https://radar.offseq.com/threat/cve-2026-55454-cwe-749-exposed-dangerous-method-or-64dab1aa9059ef90 #OffSeq #infosec #CVE202655454 #appsmith", "creation_timestamp": "2026-06-25T00:01:01.442913Z"} {"uuid": "69a932d7-60a6-4ea2-a3a7-bbc91219e372", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55454", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116807803619283441", "content": "CVE-2026-55454: CRITICAL (CVSS 9.9) vuln in appsmithorg Appsmith <2.1. Unauth Caddy admin API inside container can be exploited via SSRF by low-priv users to control reverse proxy. Upgrade to 2.1+ ASAP. https://radar.offseq.com/threat/cve-2026-55454-cwe-749-exposed-dangerous-method-or-64dab1aa9059ef90 #OffSeq #infosec #CVE202655454 #appsmith", "creation_timestamp": "2026-06-25T00:01:01.442913Z"} https://vulnerability.circl.lu/sighting/69a932d7-60a6-4ea2-a3a7-bbc91219e372/export Thu, 25 Jun 2026 00:01:01 +0000 https://vulnerability.circl.lu/sighting/efa6bc93-7739-4302-a76c-55f1fb1212aa/export {"uuid": "efa6bc93-7739-4302-a76c-55f1fb1212aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55454", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp3eifnflm25", "content": "CVE-2026-55454 - Appsmith: Caddy admin API exposed without authentication\nCVE ID : CVE-2026-55454\n \n Published : June 24, 2026, 9:38 p.m. | 3\u00a0hours, 32\u00a0minutes ago\n \n Description : Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 2.1, the ...", "creation_timestamp": "2026-06-25T02:18:48.732591Z"} {"uuid": "efa6bc93-7739-4302-a76c-55f1fb1212aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55454", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp3eifnflm25", "content": "CVE-2026-55454 - Appsmith: Caddy admin API exposed without authentication\nCVE ID : CVE-2026-55454\n \n Published : June 24, 2026, 9:38 p.m. | 3\u00a0hours, 32\u00a0minutes ago\n \n Description : Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 2.1, the ...", "creation_timestamp": "2026-06-25T02:18:48.732591Z"} https://vulnerability.circl.lu/sighting/efa6bc93-7739-4302-a76c-55f1fb1212aa/export Thu, 25 Jun 2026 02:18:48 +0000