https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 25 Jun 2026 19:03:56 +0000 https://vulnerability.circl.lu/sighting/97c127c9-17ba-4ba1-8f21-83ed259a446b/export {"uuid": "97c127c9-17ba-4ba1-8f21-83ed259a446b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-13311", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mp3qussy5o2f", "content": "ljharb shell-quote <=1.8.4 has a HIGH severity flaw (CVE-2026-13311): attackers can block Node.js with crafted input, causing DoS. Upgrade to 1.8.5+ to mitigate. \ud83d\udd12 https://radar.offseq.com/threat/cve-2026-13311-cwe-407-inefficient-algorithmic-com-ed9f913ba365deea #OffSeq #NodeJS #Vulnerability", "creation_timestamp": "2026-06-25T06:00:31.047972Z"} {"uuid": "97c127c9-17ba-4ba1-8f21-83ed259a446b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-13311", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mp3qussy5o2f", "content": "ljharb shell-quote <=1.8.4 has a HIGH severity flaw (CVE-2026-13311): attackers can block Node.js with crafted input, causing DoS. Upgrade to 1.8.5+ to mitigate. \ud83d\udd12 https://radar.offseq.com/threat/cve-2026-13311-cwe-407-inefficient-algorithmic-com-ed9f913ba365deea #OffSeq #NodeJS #Vulnerability", "creation_timestamp": "2026-06-25T06:00:31.047972Z"} https://vulnerability.circl.lu/sighting/97c127c9-17ba-4ba1-8f21-83ed259a446b/export Thu, 25 Jun 2026 06:00:31 +0000 https://vulnerability.circl.lu/sighting/34d1d924-6819-4c29-b23a-6e6ca02d866f/export {"uuid": "34d1d924-6819-4c29-b23a-6e6ca02d866f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-13311", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116809218637128816", "content": "ljharb shell-quote <=1.8.4 is impacted by CVE-2026-13311 (HIGH). Inefficient parsing can let attackers trigger DoS by blocking the Node.js event loop. Patch to 1.8.5+ now! \ud83d\udee1\ufe0f https://radar.offseq.com/threat/cve-2026-13311-cwe-407-inefficient-algorithmic-com-ed9f913ba365deea #OffSeq #InfoSec #NodeJS #CVE202613311", "creation_timestamp": "2026-06-25T06:00:36.689490Z"} {"uuid": "34d1d924-6819-4c29-b23a-6e6ca02d866f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-13311", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116809218637128816", "content": "ljharb shell-quote <=1.8.4 is impacted by CVE-2026-13311 (HIGH). Inefficient parsing can let attackers trigger DoS by blocking the Node.js event loop. Patch to 1.8.5+ now! \ud83d\udee1\ufe0f https://radar.offseq.com/threat/cve-2026-13311-cwe-407-inefficient-algorithmic-com-ed9f913ba365deea #OffSeq #InfoSec #NodeJS #CVE202613311", "creation_timestamp": "2026-06-25T06:00:36.689490Z"} https://vulnerability.circl.lu/sighting/34d1d924-6819-4c29-b23a-6e6ca02d866f/export Thu, 25 Jun 2026 06:00:36 +0000 https://vulnerability.circl.lu/sighting/0853e8a6-adc9-4343-a942-7423cd5e961b/export {"uuid": "0853e8a6-adc9-4343-a942-7423cd5e961b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13311", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp3tfu46xc26", "content": "CVE-2026-13311 - shell-quote parse() is quadratic in token count, enabling denial of service\nCVE ID : CVE-2026-13311\n \n Published : June 25, 2026, 4:48 a.m. | 56\u00a0minutes ago\n \n Description : shell-quote prior to 1.8.5 finalizes parsed tokens in parse() using Array.prototype.co...", "creation_timestamp": "2026-06-25T06:45:49.251017Z"} {"uuid": "0853e8a6-adc9-4343-a942-7423cd5e961b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13311", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp3tfu46xc26", "content": "CVE-2026-13311 - shell-quote parse() is quadratic in token count, enabling denial of service\nCVE ID : CVE-2026-13311\n \n Published : June 25, 2026, 4:48 a.m. | 56\u00a0minutes ago\n \n Description : shell-quote prior to 1.8.5 finalizes parsed tokens in parse() using Array.prototype.co...", "creation_timestamp": "2026-06-25T06:45:49.251017Z"} https://vulnerability.circl.lu/sighting/0853e8a6-adc9-4343-a942-7423cd5e961b/export Thu, 25 Jun 2026 06:45:49 +0000