<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Tue, 14 Jul 2026 00:45:48 +0000</lastBuildDate>
    <item>
      <title>b4396873-e47c-468e-9a28-119f51a5f9a8</title>
      <link>https://vulnerability.circl.lu/sighting/b4396873-e47c-468e-9a28-119f51a5f9a8/export</link>
      <description>{"uuid": "b4396873-e47c-468e-9a28-119f51a5f9a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60109", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqe42nzehc2m", "content": "\ud83d\udccc CVE-2026-60109 - Zeek before 8.0.9 contains a null pointer dereference vulnerability in its Kerberos protocol analyzer that allows unauthenticated remote attackers to ... https://www.cyberhub.blog/cves/CVE-2026-60109", "creation_timestamp": "2026-07-11T07:07:07.089287Z"}</description>
      <content:encoded>{"uuid": "b4396873-e47c-468e-9a28-119f51a5f9a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60109", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqe42nzehc2m", "content": "\ud83d\udccc CVE-2026-60109 - Zeek before 8.0.9 contains a null pointer dereference vulnerability in its Kerberos protocol analyzer that allows unauthenticated remote attackers to ... https://www.cyberhub.blog/cves/CVE-2026-60109", "creation_timestamp": "2026-07-11T07:07:07.089287Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b4396873-e47c-468e-9a28-119f51a5f9a8/export</guid>
      <pubDate>Sat, 11 Jul 2026 07:07:07 +0000</pubDate>
    </item>
    <item>
      <title>f1700cce-eaf1-46ae-8457-24b09cfa69c2</title>
      <link>https://vulnerability.circl.lu/sighting/f1700cce-eaf1-46ae-8457-24b09cfa69c2/export</link>
      <description>{"uuid": "f1700cce-eaf1-46ae-8457-24b09cfa69c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60108", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqe2eytxit23", "content": "\ud83d\udccc CVE-2026-60108 - Zeek before 8.0.9 contains an uncontrolled memory consumption vulnerability in the FTP analyzer that allows unauthenticated remote attackers to cause ... https://www.cyberhub.blog/cves/CVE-2026-60108", "creation_timestamp": "2026-07-11T06:37:06.757029Z"}</description>
      <content:encoded>{"uuid": "f1700cce-eaf1-46ae-8457-24b09cfa69c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60108", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqe2eytxit23", "content": "\ud83d\udccc CVE-2026-60108 - Zeek before 8.0.9 contains an uncontrolled memory consumption vulnerability in the FTP analyzer that allows unauthenticated remote attackers to cause ... https://www.cyberhub.blog/cves/CVE-2026-60108", "creation_timestamp": "2026-07-11T06:37:06.757029Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/f1700cce-eaf1-46ae-8457-24b09cfa69c2/export</guid>
      <pubDate>Sat, 11 Jul 2026 06:37:06 +0000</pubDate>
    </item>
    <item>
      <title>27698e92-c508-4ccf-8406-db21ea9ab1ce</title>
      <link>https://vulnerability.circl.lu/sighting/27698e92-c508-4ccf-8406-db21ea9ab1ce/export</link>
      <description>{"uuid": "27698e92-c508-4ccf-8406-db21ea9ab1ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60105", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdfvjfxus2i", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-60105 \u0432 Monsta FTP: \u0443\u0433\u0440\u043e\u0437\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u043e\u0439 \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/447027C9-A85C-4C39-A2E5-B0B9097DE3DA", "creation_timestamp": "2026-07-11T00:30:32.005022Z"}</description>
      <content:encoded>{"uuid": "27698e92-c508-4ccf-8406-db21ea9ab1ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60105", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdfvjfxus2i", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-60105 \u0432 Monsta FTP: \u0443\u0433\u0440\u043e\u0437\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u043e\u0439 \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/447027C9-A85C-4C39-A2E5-B0B9097DE3DA", "creation_timestamp": "2026-07-11T00:30:32.005022Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/27698e92-c508-4ccf-8406-db21ea9ab1ce/export</guid>
      <pubDate>Sat, 11 Jul 2026 00:30:32 +0000</pubDate>
    </item>
    <item>
      <title>e3699b3e-9279-4ac7-8d91-ac69c4932fec</title>
      <link>https://vulnerability.circl.lu/sighting/e3699b3e-9279-4ac7-8d91-ac69c4932fec/export</link>
      <description>{"uuid": "e3699b3e-9279-4ac7-8d91-ac69c4932fec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60104", "type": "seen", "source": "https://www.acn.gov.it/portale/w/bitwarden-poc-pubblico-per-lo-sfruttamento-di-una-nuova-vulnerabilita", "content": "Disponibile un Proof of Concept (PoC) per la vulnerabilit\u00e0 identificata tramite la CVE-2026-60104 \u2013 gi\u00e0 sanata dal vendor \u2013 presente in Bitwarden Server, noto software open source di gestione delle password. Tale vulnerabilit\u00e0, qualora sfruttata, potrebbe consentire ad un utente malintenzionato, appartenente alla stessa organizzazione e in presenza di specifiche condizioni, di eludere dei meccanismi di sicurezza e di accedere ad informazioni riservate sui sistemi target.", "creation_timestamp": "2026-07-10T01:00:49.182665Z"}</description>
      <content:encoded>{"uuid": "e3699b3e-9279-4ac7-8d91-ac69c4932fec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60104", "type": "seen", "source": "https://www.acn.gov.it/portale/w/bitwarden-poc-pubblico-per-lo-sfruttamento-di-una-nuova-vulnerabilita", "content": "Disponibile un Proof of Concept (PoC) per la vulnerabilit\u00e0 identificata tramite la CVE-2026-60104 \u2013 gi\u00e0 sanata dal vendor \u2013 presente in Bitwarden Server, noto software open source di gestione delle password. Tale vulnerabilit\u00e0, qualora sfruttata, potrebbe consentire ad un utente malintenzionato, appartenente alla stessa organizzazione e in presenza di specifiche condizioni, di eludere dei meccanismi di sicurezza e di accedere ad informazioni riservate sui sistemi target.", "creation_timestamp": "2026-07-10T01:00:49.182665Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e3699b3e-9279-4ac7-8d91-ac69c4932fec/export</guid>
      <pubDate>Fri, 10 Jul 2026 01:00:49 +0000</pubDate>
    </item>
    <item>
      <title>03459ebe-6c8d-4287-ae61-bbcb4ae2f0c7</title>
      <link>https://vulnerability.circl.lu/sighting/03459ebe-6c8d-4287-ae61-bbcb4ae2f0c7/export</link>
      <description>{"uuid": "03459ebe-6c8d-4287-ae61-bbcb4ae2f0c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60104", "type": "seen", "source": "https://www.acn.gov.it/portale/w/bitwarden-poc-pubblico-per-lo-sfruttamento-di-una-nuova-vulnerabilita", "content": "Disponibile un Proof of Concept (PoC) per la vulnerabilit\u00e0 identificata tramite la CVE-2026-60104 \u2013 gi\u00e0 sanata dal vendor \u2013 presente in Bitwarden Server, noto software open source di gestione delle password. Tale vulnerabilit\u00e0, qualora sfruttata, potrebbe consentire ad un utente malintenzionato, appartenente alla stessa organizzazione e in presenza di specifiche condizioni, di eludere dei meccanismi di sicurezza e di accedere ad informazioni riservate sui sistemi target.", "creation_timestamp": "2026-07-09T16:00:46.270100Z"}</description>
      <content:encoded>{"uuid": "03459ebe-6c8d-4287-ae61-bbcb4ae2f0c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60104", "type": "seen", "source": "https://www.acn.gov.it/portale/w/bitwarden-poc-pubblico-per-lo-sfruttamento-di-una-nuova-vulnerabilita", "content": "Disponibile un Proof of Concept (PoC) per la vulnerabilit\u00e0 identificata tramite la CVE-2026-60104 \u2013 gi\u00e0 sanata dal vendor \u2013 presente in Bitwarden Server, noto software open source di gestione delle password. Tale vulnerabilit\u00e0, qualora sfruttata, potrebbe consentire ad un utente malintenzionato, appartenente alla stessa organizzazione e in presenza di specifiche condizioni, di eludere dei meccanismi di sicurezza e di accedere ad informazioni riservate sui sistemi target.", "creation_timestamp": "2026-07-09T16:00:46.270100Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/03459ebe-6c8d-4287-ae61-bbcb4ae2f0c7/export</guid>
      <pubDate>Thu, 09 Jul 2026 16:00:46 +0000</pubDate>
    </item>
    <item>
      <title>cfd2fc0d-df3e-4beb-a2b6-6f7f72f94dce</title>
      <link>https://vulnerability.circl.lu/sighting/cfd2fc0d-df3e-4beb-a2b6-6f7f72f94dce/export</link>
      <description>{"uuid": "cfd2fc0d-df3e-4beb-a2b6-6f7f72f94dce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60109", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq7vpbwwl62e", "content": "CVE-2026-60109 - Zeek\nCVE ID : CVE-2026-60109\n \n Published : July 9, 2026, 2:19 p.m. | 13\u00a0minutes ago\n \n Description : Zeek before 8.0.9 contains a null pointer dereference vulnerability in its Kerberos protocol analyzer that allows unauthenticated remote attackers to crash th...", "creation_timestamp": "2026-07-09T15:02:43.800873Z"}</description>
      <content:encoded>{"uuid": "cfd2fc0d-df3e-4beb-a2b6-6f7f72f94dce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60109", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq7vpbwwl62e", "content": "CVE-2026-60109 - Zeek\nCVE ID : CVE-2026-60109\n \n Published : July 9, 2026, 2:19 p.m. | 13\u00a0minutes ago\n \n Description : Zeek before 8.0.9 contains a null pointer dereference vulnerability in its Kerberos protocol analyzer that allows unauthenticated remote attackers to crash th...", "creation_timestamp": "2026-07-09T15:02:43.800873Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/cfd2fc0d-df3e-4beb-a2b6-6f7f72f94dce/export</guid>
      <pubDate>Thu, 09 Jul 2026 15:02:43 +0000</pubDate>
    </item>
    <item>
      <title>da2793aa-b1a0-40bd-950f-5579098d18a1</title>
      <link>https://vulnerability.circl.lu/sighting/da2793aa-b1a0-40bd-950f-5579098d18a1/export</link>
      <description>{"uuid": "da2793aa-b1a0-40bd-950f-5579098d18a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60108", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq7uliayso2l", "content": "CVE-2026-60108 - Zeek\nCVE ID : CVE-2026-60108\n \n Published : July 9, 2026, 2:16 p.m. | 15\u00a0minutes ago\n \n Description : Zeek before 8.0.9 contains an uncontrolled memory consumption vulnerability in the FTP analyzer that allows unauthenticated remote attackers to cause process ...", "creation_timestamp": "2026-07-09T14:42:42.594870Z"}</description>
      <content:encoded>{"uuid": "da2793aa-b1a0-40bd-950f-5579098d18a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60108", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq7uliayso2l", "content": "CVE-2026-60108 - Zeek\nCVE ID : CVE-2026-60108\n \n Published : July 9, 2026, 2:16 p.m. | 15\u00a0minutes ago\n \n Description : Zeek before 8.0.9 contains an uncontrolled memory consumption vulnerability in the FTP analyzer that allows unauthenticated remote attackers to cause process ...", "creation_timestamp": "2026-07-09T14:42:42.594870Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/da2793aa-b1a0-40bd-950f-5579098d18a1/export</guid>
      <pubDate>Thu, 09 Jul 2026 14:42:42 +0000</pubDate>
    </item>
    <item>
      <title>733f2082-b82c-4492-8375-b84c74afc557</title>
      <link>https://vulnerability.circl.lu/sighting/733f2082-b82c-4492-8375-b84c74afc557/export</link>
      <description>{"uuid": "733f2082-b82c-4492-8375-b84c74afc557", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60102", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq7dvi5afr25", "content": "CVE-2026-60102 - php-horde-vfs\nThe Horde Virtual File System API, used by some applications, has a security flaw that allows attackers to execute system commands by uploading malicious files. This means that\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#debian #Debian11 #CVE #infosec", "creation_timestamp": "2026-07-09T09:44:04.068440Z"}</description>
      <content:encoded>{"uuid": "733f2082-b82c-4492-8375-b84c74afc557", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60102", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq7dvi5afr25", "content": "CVE-2026-60102 - php-horde-vfs\nThe Horde Virtual File System API, used by some applications, has a security flaw that allows attackers to execute system commands by uploading malicious files. This means that\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#debian #Debian11 #CVE #infosec", "creation_timestamp": "2026-07-09T09:44:04.068440Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/733f2082-b82c-4492-8375-b84c74afc557/export</guid>
      <pubDate>Thu, 09 Jul 2026 09:44:04 +0000</pubDate>
    </item>
    <item>
      <title>68e60bfe-33de-4c89-9e83-54eadcfd8258</title>
      <link>https://vulnerability.circl.lu/sighting/68e60bfe-33de-4c89-9e83-54eadcfd8258/export</link>
      <description>{"uuid": "68e60bfe-33de-4c89-9e83-54eadcfd8258", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60105", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mq7cadytwy26", "content": "CVE-2026-60105 - CSRF in Monsta FTP before 2.14.5. Unauthenticated attackers can bypass IP blocklist via IPv4-mapped IPv6 addresses to trigger SSRF. CVSS 8.6. Patch unavailable; restrict access now. #CVE #infosec #cybersecurity\n\nhttps://www.valtersit.com/cve/CVE-2026-60105/", "creation_timestamp": "2026-07-09T09:14:21.520493Z"}</description>
      <content:encoded>{"uuid": "68e60bfe-33de-4c89-9e83-54eadcfd8258", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60105", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mq7cadytwy26", "content": "CVE-2026-60105 - CSRF in Monsta FTP before 2.14.5. Unauthenticated attackers can bypass IP blocklist via IPv4-mapped IPv6 addresses to trigger SSRF. CVSS 8.6. Patch unavailable; restrict access now. #CVE #infosec #cybersecurity\n\nhttps://www.valtersit.com/cve/CVE-2026-60105/", "creation_timestamp": "2026-07-09T09:14:21.520493Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/68e60bfe-33de-4c89-9e83-54eadcfd8258/export</guid>
      <pubDate>Thu, 09 Jul 2026 09:14:21 +0000</pubDate>
    </item>
    <item>
      <title>49b5daa5-589b-4e43-88e8-36e18daf8e49</title>
      <link>https://vulnerability.circl.lu/sighting/49b5daa5-589b-4e43-88e8-36e18daf8e49/export</link>
      <description>{"uuid": "49b5daa5-589b-4e43-88e8-36e18daf8e49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60104", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq6a547swj2z", "content": "CVE-2026-60104 - server\nIf you're using an older version of Bitwarden Server, a malicious user with limited privileges could gain access to another user's encrypted data and take control of their account.\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#server #bitwarden #CVE #infosec", "creation_timestamp": "2026-07-08T23:04:05.419307Z"}</description>
      <content:encoded>{"uuid": "49b5daa5-589b-4e43-88e8-36e18daf8e49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60104", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq6a547swj2z", "content": "CVE-2026-60104 - server\nIf you're using an older version of Bitwarden Server, a malicious user with limited privileges could gain access to another user's encrypted data and take control of their account.\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#server #bitwarden #CVE #infosec", "creation_timestamp": "2026-07-08T23:04:05.419307Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/49b5daa5-589b-4e43-88e8-36e18daf8e49/export</guid>
      <pubDate>Wed, 08 Jul 2026 23:04:05 +0000</pubDate>
    </item>
  </channel>
</rss>
