<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the 10 most recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sun, 07 Jun 2026 23:21:06 +0000</lastBuildDate>
    <item>
      <title>1a0240ab-4f5a-4cd8-bc0a-6c58fef756c7</title>
      <link>https://vulnerability.circl.lu/sighting/1a0240ab-4f5a-4cd8-bc0a-6c58fef756c7/export</link>
      <description>{"uuid": "1a0240ab-4f5a-4cd8-bc0a-6c58fef756c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10629", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/116682615290341234", "content": ":dumpster_fire_gif: :blobcatpopcorn: :dumpster_fire_gif: \nhttps://github.com/xchg-rax-rax/vulnerability-research\n\nCVE-2026-10629Verizon IMS deployments were observed transmitting SIP signaling without integrity protection. REGISTER exchanges lacked Security-Client, Security-Server, and Security-Verify headers, and no ESP-encapsulated SIP traffic was detected during subsequent signaling such as INVITE, MESSAGE, BYE, and UPDATE. This pattern persisted across devices, operating systems, and network conditions, indicating a deliberate network configuration rather than a transient issue.\nPer 3GPP TS 33.203 and GSMA IR.92, SIP signaling between the UE and P-CSCF must be protected using IPsec ESP following IMS AKA authentication, with negotiation occurring during registration. The absence of this protection allows attackers to manipulate SIP signaling undetected, enabling call hijacking, spoofing, denial-of-service, and misrouting of emergency calls.\nVerizon initially acknowledged the issue and stated that integrity support would be available upon request and extended broadly later in the year. However, the company has since ceased participation in coordination, including follow-up discussions and draft review, and has not provided verifiable evidence of mitigation. As remediation remains unconfirmed, this disclosure proceeds to inform users of an ongoing security exposure.\nIndependent verification would require observation of successful SIP security negotiation, ESP-protected traffic, or official confirmation from Verizon.", "creation_timestamp": "2026-06-02T21:23:34.873409Z"}</description>
      <content:encoded>{"uuid": "1a0240ab-4f5a-4cd8-bc0a-6c58fef756c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10629", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/116682615290341234", "content": ":dumpster_fire_gif: :blobcatpopcorn: :dumpster_fire_gif: \nhttps://github.com/xchg-rax-rax/vulnerability-research\n\nCVE-2026-10629Verizon IMS deployments were observed transmitting SIP signaling without integrity protection. REGISTER exchanges lacked Security-Client, Security-Server, and Security-Verify headers, and no ESP-encapsulated SIP traffic was detected during subsequent signaling such as INVITE, MESSAGE, BYE, and UPDATE. This pattern persisted across devices, operating systems, and network conditions, indicating a deliberate network configuration rather than a transient issue.\nPer 3GPP TS 33.203 and GSMA IR.92, SIP signaling between the UE and P-CSCF must be protected using IPsec ESP following IMS AKA authentication, with negotiation occurring during registration. The absence of this protection allows attackers to manipulate SIP signaling undetected, enabling call hijacking, spoofing, denial-of-service, and misrouting of emergency calls.\nVerizon initially acknowledged the issue and stated that integrity support would be available upon request and extended broadly later in the year. However, the company has since ceased participation in coordination, including follow-up discussions and draft review, and has not provided verifiable evidence of mitigation. As remediation remains unconfirmed, this disclosure proceeds to inform users of an ongoing security exposure.\nIndependent verification would require observation of successful SIP security negotiation, ESP-protected traffic, or official confirmation from Verizon.", "creation_timestamp": "2026-06-02T21:23:34.873409Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1a0240ab-4f5a-4cd8-bc0a-6c58fef756c7/export</guid>
      <pubDate>Tue, 02 Jun 2026 21:23:34 +0000</pubDate>
    </item>
    <item>
      <title>70462710-2e73-4a9a-b736-28bbd2b4ec0c</title>
      <link>https://vulnerability.circl.lu/sighting/70462710-2e73-4a9a-b736-28bbd2b4ec0c/export</link>
      <description>{"uuid": "70462710-2e73-4a9a-b736-28bbd2b4ec0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10629", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/116682616422398554", "content": ":dumpster_fire_gif: :blobcatpopcorn: :dumpster_fire_gif: \nhttps://www.kb.cert.org/vuls/id/615987\n\nCVE-2026-10629Verizon IMS deployments were observed transmitting SIP signaling without integrity protection. REGISTER exchanges lacked Security-Client, Security-Server, and Security-Verify headers, and no ESP-encapsulated SIP traffic was detected during subsequent signaling such as INVITE, MESSAGE, BYE, and UPDATE. This pattern persisted across devices, operating systems, and network conditions, indicating a deliberate network configuration rather than a transient issue.\nPer 3GPP TS 33.203 and GSMA IR.92, SIP signaling between the UE and P-CSCF must be protected using IPsec ESP following IMS AKA authentication, with negotiation occurring during registration. The absence of this protection allows attackers to manipulate SIP signaling undetected, enabling call hijacking, spoofing, denial-of-service, and misrouting of emergency calls.\nVerizon initially acknowledged the issue and stated that integrity support would be available upon request and extended broadly later in the year. However, the company has since ceased participation in coordination, including follow-up discussions and draft review, and has not provided verifiable evidence of mitigation. As remediation remains unconfirmed, this disclosure proceeds to inform users of an ongoing security exposure.\nIndependent verification would require observation of successful SIP security negotiation, ESP-protected traffic, or official confirmation from Verizon.", "creation_timestamp": "2026-06-02T21:23:59.171829Z"}</description>
      <content:encoded>{"uuid": "70462710-2e73-4a9a-b736-28bbd2b4ec0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10629", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/116682616422398554", "content": ":dumpster_fire_gif: :blobcatpopcorn: :dumpster_fire_gif: \nhttps://www.kb.cert.org/vuls/id/615987\n\nCVE-2026-10629Verizon IMS deployments were observed transmitting SIP signaling without integrity protection. REGISTER exchanges lacked Security-Client, Security-Server, and Security-Verify headers, and no ESP-encapsulated SIP traffic was detected during subsequent signaling such as INVITE, MESSAGE, BYE, and UPDATE. This pattern persisted across devices, operating systems, and network conditions, indicating a deliberate network configuration rather than a transient issue.\nPer 3GPP TS 33.203 and GSMA IR.92, SIP signaling between the UE and P-CSCF must be protected using IPsec ESP following IMS AKA authentication, with negotiation occurring during registration. The absence of this protection allows attackers to manipulate SIP signaling undetected, enabling call hijacking, spoofing, denial-of-service, and misrouting of emergency calls.\nVerizon initially acknowledged the issue and stated that integrity support would be available upon request and extended broadly later in the year. However, the company has since ceased participation in coordination, including follow-up discussions and draft review, and has not provided verifiable evidence of mitigation. As remediation remains unconfirmed, this disclosure proceeds to inform users of an ongoing security exposure.\nIndependent verification would require observation of successful SIP security negotiation, ESP-protected traffic, or official confirmation from Verizon.", "creation_timestamp": "2026-06-02T21:23:59.171829Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/70462710-2e73-4a9a-b736-28bbd2b4ec0c/export</guid>
      <pubDate>Tue, 02 Jun 2026 21:23:59 +0000</pubDate>
    </item>
    <item>
      <title>aecf2848-4625-4180-8641-d1e24589450d</title>
      <link>https://vulnerability.circl.lu/sighting/aecf2848-4625-4180-8641-d1e24589450d/export</link>
      <description>{"uuid": "aecf2848-4625-4180-8641-d1e24589450d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10629", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mndsmie4oo23", "content": "\ud83d\udd34 CVE-2026-10629 - Critical (9.1)\n\nSIP signaling stack in Verizon IMS (unspecified version) implements SIP signaling without IPsec i...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-10629/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-03T00:02:33.225428Z"}</description>
      <content:encoded>{"uuid": "aecf2848-4625-4180-8641-d1e24589450d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10629", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mndsmie4oo23", "content": "\ud83d\udd34 CVE-2026-10629 - Critical (9.1)\n\nSIP signaling stack in Verizon IMS (unspecified version) implements SIP signaling without IPsec i...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-10629/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-03T00:02:33.225428Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/aecf2848-4625-4180-8641-d1e24589450d/export</guid>
      <pubDate>Wed, 03 Jun 2026 00:02:33 +0000</pubDate>
    </item>
    <item>
      <title>20f3fad0-53d0-46d9-9d8e-a7fb92ab7ffc</title>
      <link>https://vulnerability.circl.lu/sighting/20f3fad0-53d0-46d9-9d8e-a7fb92ab7ffc/export</link>
      <description>{"uuid": "20f3fad0-53d0-46d9-9d8e-a7fb92ab7ffc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10629", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3mndtkjz2gx2w", "content": "\ud83d\udd34 CVE-2026-10629 - Critical (9.1)\n\nSIP signaling stack in Verizon IMS (unspecified version) implements SIP signaling without IPsec i...\n\nhttps://www.themasherwire.com/vulnerability/CVE-2026-10629/\n\n#infosec #potatosecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-03T00:19:21.003798Z"}</description>
      <content:encoded>{"uuid": "20f3fad0-53d0-46d9-9d8e-a7fb92ab7ffc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10629", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3mndtkjz2gx2w", "content": "\ud83d\udd34 CVE-2026-10629 - Critical (9.1)\n\nSIP signaling stack in Verizon IMS (unspecified version) implements SIP signaling without IPsec i...\n\nhttps://www.themasherwire.com/vulnerability/CVE-2026-10629/\n\n#infosec #potatosecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-03T00:19:21.003798Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/20f3fad0-53d0-46d9-9d8e-a7fb92ab7ffc/export</guid>
      <pubDate>Wed, 03 Jun 2026 00:19:21 +0000</pubDate>
    </item>
  </channel>
</rss>
