<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Wed, 15 Jul 2026 21:48:29 +0000</lastBuildDate>
    <item>
      <title>307578b4-18da-4520-82b9-d08a3075406b</title>
      <link>https://vulnerability.circl.lu/sighting/307578b4-18da-4520-82b9-d08a3075406b/export</link>
      <description>{"uuid": "307578b4-18da-4520-82b9-d08a3075406b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mqpnsfltmc2a", "content": "SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now\n\nSonicWall warns that threat actors have been exploiting two SMA1000 vulnerabilities, tracked as\u00a0CVE-2026-15409 and CVE-2026-15410, in zero-day attacks and urges customers to install the newly released secur\u2026\n#hackernews #news", "creation_timestamp": "2026-07-15T21:23:54.650367Z"}</description>
      <content:encoded>{"uuid": "307578b4-18da-4520-82b9-d08a3075406b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mqpnsfltmc2a", "content": "SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now\n\nSonicWall warns that threat actors have been exploiting two SMA1000 vulnerabilities, tracked as\u00a0CVE-2026-15409 and CVE-2026-15410, in zero-day attacks and urges customers to install the newly released secur\u2026\n#hackernews #news", "creation_timestamp": "2026-07-15T21:23:54.650367Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/307578b4-18da-4520-82b9-d08a3075406b/export</guid>
      <pubDate>Wed, 15 Jul 2026 21:23:54 +0000</pubDate>
    </item>
    <item>
      <title>5155f747-6f8d-4aa3-98b2-22c17fabdf6f</title>
      <link>https://vulnerability.circl.lu/sighting/5155f747-6f8d-4aa3-98b2-22c17fabdf6f/export</link>
      <description>{"uuid": "5155f747-6f8d-4aa3-98b2-22c17fabdf6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://bsky.app/profile/newsfacts.bsky.social/post/3mqphhyi5aj2w", "content": "Zero-day kwetsbaarheden in SonicWall-apparaten bieden aanvallers een directe weg\n\nOnderzoekers van Rapid7 hebben ontdekt dat twee zero-day kwetsbaarheden, met de identificatienummers CVE-2026-15409 en CVE-2026-15410, sinds 22 juni 2026 actief worden uitgebuit. Deze kwetsbaarheden stellen aan...", "creation_timestamp": "2026-07-15T19:30:42.633123Z"}</description>
      <content:encoded>{"uuid": "5155f747-6f8d-4aa3-98b2-22c17fabdf6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://bsky.app/profile/newsfacts.bsky.social/post/3mqphhyi5aj2w", "content": "Zero-day kwetsbaarheden in SonicWall-apparaten bieden aanvallers een directe weg\n\nOnderzoekers van Rapid7 hebben ontdekt dat twee zero-day kwetsbaarheden, met de identificatienummers CVE-2026-15409 en CVE-2026-15410, sinds 22 juni 2026 actief worden uitgebuit. Deze kwetsbaarheden stellen aan...", "creation_timestamp": "2026-07-15T19:30:42.633123Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/5155f747-6f8d-4aa3-98b2-22c17fabdf6f/export</guid>
      <pubDate>Wed, 15 Jul 2026 19:30:42 +0000</pubDate>
    </item>
    <item>
      <title>81b28948-2cf8-4def-855e-902ffbda4c03</title>
      <link>https://vulnerability.circl.lu/sighting/81b28948-2cf8-4def-855e-902ffbda4c03/export</link>
      <description>{"uuid": "81b28948-2cf8-4def-855e-902ffbda4c03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://t.me/true_secator/8411", "content": "SonicWall \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 SMA1000 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0434\u0432\u0443\u0445 0-day, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a CVE-2026-15409 \u0438 CVE-2026-15410.\n\nCVE-2026-15409 - \u044d\u0442\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f (CVSS 10.0) SSRF-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 SMA1000 Appliance Work Place, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0432 \u043d\u0435\u043f\u0440\u0435\u0434\u0443\u0441\u043c\u043e\u0442\u0440\u0435\u043d\u043d\u044b\u0435 \u043c\u0435\u0441\u0442\u0430.\n\nCVE-2026-15410 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 (CVSS 7.2), \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430 \u043f\u043e\u0441\u043b\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c SMA1000, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0443 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u041e\u0421.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2026-15410 \u0442\u0440\u0435\u0431\u0443\u044e\u0442\u0441\u044f \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, SonicWall \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u043b\u0430 \u044d\u0442\u043e\u043c\u0443 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u044e \u043e\u0431\u0449\u0443\u044e \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 10,0.\n\n\u0412 SonicWall PSIRT \u043f\u0440\u043e\u0432\u0435\u043b\u0438 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432 \u0438 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0438, \u0447\u0442\u043e \u043e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438. \u041e\u0434\u043d\u0430\u043a\u043e \u043d\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430, \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u044f\u044e\u0442 \u043b\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u044d\u0442\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0443.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c, \u0447\u0442\u043e\u0431\u044b \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u044d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u043c\u043e\u0434\u0435\u043b\u0438 SMA1000 6210, 7210 \u0438 8200v, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0432\u0435\u0440\u0441\u0438\u0439 12.4.3-03245, 12.4.3-03387, 12.4.3-03434, 12.5.0-02283, 12.5.0-02624 \u0438 12.5.0-02800. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 12.4.3-03453 \u0438 12.5.0-02835, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043a\u0430\u043a \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442 SonicWall, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u0432\u043b\u0438\u044f\u044e\u0442 \u043d\u0430 \u0440\u0430\u0431\u043e\u0442\u0443 SSL-VPN \u043d\u0430 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u0430\u0445 SonicWall \u0438\u043b\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 \u0441\u0435\u0440\u0438\u0438 SMA 100.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0430\u0441\u044c IOCs, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u0442\u043e\u0433\u043e, \u0431\u044b\u043b\u043e \u043b\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043e, \u0432 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438:\n\n- \u0415\u0441\u043b\u0438 \u0432 \u0444\u0430\u0439\u043b\u0435 extraweb_access.log \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u044e\u0442\u0441\u044f \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043a /__api__/login \u0438\u043b\u0438 /__api__/logout \u0441\u043e \u0441\u0442\u0430\u0442\u0443\u0441\u043e\u043c HTTP 200;\n- \u0415\u0441\u043b\u0438 \u0432 \u0444\u0430\u0439\u043b\u0435 extraweb_access.log \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u044e\u0442\u0441\u044f \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043a /wsproxy \u0441 \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430\u043c\u0438 \u0445\u043e\u0441\u0442\u0430 \u0438 HTTP-\u0441\u0442\u0430\u0442\u0443\u0441\u043e\u043c 101;\n- \u0415\u0441\u043b\u0438 \u0432 \u0444\u0430\u0439\u043b\u0435 ctrl-service.log \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u044e\u0442\u0441\u044f \u043e\u0442\u043a\u0430\u0442\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0441 \u0438\u043c\u0435\u043d\u0430\u043c\u0438, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0443\u0442\u0435\u043c \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438;\n- \u0415\u0441\u043b\u0438 \u0444\u0430\u0439\u043b /var/lib/unit/conf.json \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u044b \u0434\u043b\u044f /__api__/login \u0438\u043b\u0438 /__api__/logout (\u044d\u0442\u0438 URI \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0442 \u0432 \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438).\n\n\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 SonicWall \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u043f\u0435\u0440\u0435\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u041e\u0421 \u043d\u0430 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0438\u043b\u0438 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044c \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0432\u0441\u0435 \u043f\u0430\u0440\u043e\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u0442\u043e\u043a\u0435\u043d\u044b TOTP.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043f\u043e\u043c\u0438\u043c\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439, \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0435\u0442. CISA \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430 \u043e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (KEV), \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0432, \u0447\u0442\u043e \u043e\u043d\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445.", "creation_timestamp": "2026-07-15T19:00:04.336022Z"}</description>
      <content:encoded>{"uuid": "81b28948-2cf8-4def-855e-902ffbda4c03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://t.me/true_secator/8411", "content": "SonicWall \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 SMA1000 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0434\u0432\u0443\u0445 0-day, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a CVE-2026-15409 \u0438 CVE-2026-15410.\n\nCVE-2026-15409 - \u044d\u0442\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f (CVSS 10.0) SSRF-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 SMA1000 Appliance Work Place, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0432 \u043d\u0435\u043f\u0440\u0435\u0434\u0443\u0441\u043c\u043e\u0442\u0440\u0435\u043d\u043d\u044b\u0435 \u043c\u0435\u0441\u0442\u0430.\n\nCVE-2026-15410 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 (CVSS 7.2), \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430 \u043f\u043e\u0441\u043b\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c SMA1000, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0443 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u041e\u0421.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2026-15410 \u0442\u0440\u0435\u0431\u0443\u044e\u0442\u0441\u044f \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, SonicWall \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u043b\u0430 \u044d\u0442\u043e\u043c\u0443 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u044e \u043e\u0431\u0449\u0443\u044e \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 10,0.\n\n\u0412 SonicWall PSIRT \u043f\u0440\u043e\u0432\u0435\u043b\u0438 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432 \u0438 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0438, \u0447\u0442\u043e \u043e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438. \u041e\u0434\u043d\u0430\u043a\u043e \u043d\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430, \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u044f\u044e\u0442 \u043b\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u044d\u0442\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0443.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c, \u0447\u0442\u043e\u0431\u044b \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u044d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u043c\u043e\u0434\u0435\u043b\u0438 SMA1000 6210, 7210 \u0438 8200v, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0432\u0435\u0440\u0441\u0438\u0439 12.4.3-03245, 12.4.3-03387, 12.4.3-03434, 12.5.0-02283, 12.5.0-02624 \u0438 12.5.0-02800. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 12.4.3-03453 \u0438 12.5.0-02835, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043a\u0430\u043a \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442 SonicWall, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u0432\u043b\u0438\u044f\u044e\u0442 \u043d\u0430 \u0440\u0430\u0431\u043e\u0442\u0443 SSL-VPN \u043d\u0430 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u0430\u0445 SonicWall \u0438\u043b\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 \u0441\u0435\u0440\u0438\u0438 SMA 100.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0430\u0441\u044c IOCs, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u0442\u043e\u0433\u043e, \u0431\u044b\u043b\u043e \u043b\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043e, \u0432 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438:\n\n- \u0415\u0441\u043b\u0438 \u0432 \u0444\u0430\u0439\u043b\u0435 extraweb_access.log \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u044e\u0442\u0441\u044f \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043a /__api__/login \u0438\u043b\u0438 /__api__/logout \u0441\u043e \u0441\u0442\u0430\u0442\u0443\u0441\u043e\u043c HTTP 200;\n- \u0415\u0441\u043b\u0438 \u0432 \u0444\u0430\u0439\u043b\u0435 extraweb_access.log \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u044e\u0442\u0441\u044f \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043a /wsproxy \u0441 \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430\u043c\u0438 \u0445\u043e\u0441\u0442\u0430 \u0438 HTTP-\u0441\u0442\u0430\u0442\u0443\u0441\u043e\u043c 101;\n- \u0415\u0441\u043b\u0438 \u0432 \u0444\u0430\u0439\u043b\u0435 ctrl-service.log \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u044e\u0442\u0441\u044f \u043e\u0442\u043a\u0430\u0442\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0441 \u0438\u043c\u0435\u043d\u0430\u043c\u0438, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0443\u0442\u0435\u043c \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438;\n- \u0415\u0441\u043b\u0438 \u0444\u0430\u0439\u043b /var/lib/unit/conf.json \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u044b \u0434\u043b\u044f /__api__/login \u0438\u043b\u0438 /__api__/logout (\u044d\u0442\u0438 URI \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0442 \u0432 \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438).\n\n\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 SonicWall \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u043f\u0435\u0440\u0435\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u041e\u0421 \u043d\u0430 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0438\u043b\u0438 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044c \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0432\u0441\u0435 \u043f\u0430\u0440\u043e\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u0442\u043e\u043a\u0435\u043d\u044b TOTP.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043f\u043e\u043c\u0438\u043c\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439, \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0435\u0442. CISA \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430 \u043e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (KEV), \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0432, \u0447\u0442\u043e \u043e\u043d\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445.", "creation_timestamp": "2026-07-15T19:00:04.336022Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/81b28948-2cf8-4def-855e-902ffbda4c03/export</guid>
      <pubDate>Wed, 15 Jul 2026 19:00:04 +0000</pubDate>
    </item>
    <item>
      <title>993081ee-4214-49ed-b736-1ce3eb55debb</title>
      <link>https://vulnerability.circl.lu/sighting/993081ee-4214-49ed-b736-1ce3eb55debb/export</link>
      <description>{"uuid": "993081ee-4214-49ed-b736-1ce3eb55debb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mqpbi4hfxl23", "content": "SonicWall's Critical CVE-2026-15409 and CVE-2026-15410 Lack Robust Evidence for Urgent Action #CyberSecurity #Vulnerability #SonicWall", "creation_timestamp": "2026-07-15T17:43:24.720740Z"}</description>
      <content:encoded>{"uuid": "993081ee-4214-49ed-b736-1ce3eb55debb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mqpbi4hfxl23", "content": "SonicWall's Critical CVE-2026-15409 and CVE-2026-15410 Lack Robust Evidence for Urgent Action #CyberSecurity #Vulnerability #SonicWall", "creation_timestamp": "2026-07-15T17:43:24.720740Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/993081ee-4214-49ed-b736-1ce3eb55debb/export</guid>
      <pubDate>Wed, 15 Jul 2026 17:43:24 +0000</pubDate>
    </item>
    <item>
      <title>63165223-7e89-4c89-b389-c1c2a3ef32c8</title>
      <link>https://vulnerability.circl.lu/sighting/63165223-7e89-4c89-b389-c1c2a3ef32c8/export</link>
      <description>{"uuid": "63165223-7e89-4c89-b389-c1c2a3ef32c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mqpbhwudlv2b", "content": "CVE-2026-15409, CVE-2026-15410: SonicWall's New Zero Days Offer Attackers Direct Control #CyberSecurity #ZeroDay #SonicWall", "creation_timestamp": "2026-07-15T17:43:20.449474Z"}</description>
      <content:encoded>{"uuid": "63165223-7e89-4c89-b389-c1c2a3ef32c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mqpbhwudlv2b", "content": "CVE-2026-15409, CVE-2026-15410: SonicWall's New Zero Days Offer Attackers Direct Control #CyberSecurity #ZeroDay #SonicWall", "creation_timestamp": "2026-07-15T17:43:20.449474Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/63165223-7e89-4c89-b389-c1c2a3ef32c8/export</guid>
      <pubDate>Wed, 15 Jul 2026 17:43:20 +0000</pubDate>
    </item>
    <item>
      <title>78bacb64-bae1-4182-a734-07e7ac199a2f</title>
      <link>https://vulnerability.circl.lu/sighting/78bacb64-bae1-4182-a734-07e7ac199a2f/export</link>
      <description>{"uuid": "78bacb64-bae1-4182-a734-07e7ac199a2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116925216109370301", "content": "SonicWall has addressed a critical vulnerability. This was posted yesterday: \nCVE-2026-15409 and CVE-2026-15410 https://psirt.global.sonicwall.com/vuln-list #infosec #SonicWall #vulnerability", "creation_timestamp": "2026-07-15T17:40:17.148126Z"}</description>
      <content:encoded>{"uuid": "78bacb64-bae1-4182-a734-07e7ac199a2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116925216109370301", "content": "SonicWall has addressed a critical vulnerability. This was posted yesterday: \nCVE-2026-15409 and CVE-2026-15410 https://psirt.global.sonicwall.com/vuln-list #infosec #SonicWall #vulnerability", "creation_timestamp": "2026-07-15T17:40:17.148126Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/78bacb64-bae1-4182-a734-07e7ac199a2f/export</guid>
      <pubDate>Wed, 15 Jul 2026 17:40:17 +0000</pubDate>
    </item>
    <item>
      <title>c2264999-639c-40bc-8211-531a2f304cfe</title>
      <link>https://vulnerability.circl.lu/sighting/c2264999-639c-40bc-8211-531a2f304cfe/export</link>
      <description>{"uuid": "c2264999-639c-40bc-8211-531a2f304cfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://bsky.app/profile/thecybersecguru.com/post/3mqpavbw7tv2k", "content": "SonicWall Warns of Actively Exploited SMA 1000 Zero-Days as CISA Adds Flaws to KEV\u00a0Catalog\n\nSonicWall has patched two actively exploited SMA 1000 zero-day vulnerabilities, CVE-2026-15409 and CVE-2026-15410. CISA added both to\u2026\n\nhttps://thecybersecguru.com/news/sonicwall-sma-zero-day-cve-2026-15409/", "creation_timestamp": "2026-07-15T17:32:52.670307Z"}</description>
      <content:encoded>{"uuid": "c2264999-639c-40bc-8211-531a2f304cfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://bsky.app/profile/thecybersecguru.com/post/3mqpavbw7tv2k", "content": "SonicWall Warns of Actively Exploited SMA 1000 Zero-Days as CISA Adds Flaws to KEV\u00a0Catalog\n\nSonicWall has patched two actively exploited SMA 1000 zero-day vulnerabilities, CVE-2026-15409 and CVE-2026-15410. CISA added both to\u2026\n\nhttps://thecybersecguru.com/news/sonicwall-sma-zero-day-cve-2026-15409/", "creation_timestamp": "2026-07-15T17:32:52.670307Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c2264999-639c-40bc-8211-531a2f304cfe/export</guid>
      <pubDate>Wed, 15 Jul 2026 17:32:52 +0000</pubDate>
    </item>
    <item>
      <title>fc505ef7-f747-4496-883e-38d5caa962a1</title>
      <link>https://vulnerability.circl.lu/sighting/fc505ef7-f747-4496-883e-38d5caa962a1/export</link>
      <description>{"uuid": "fc505ef7-f747-4496-883e-38d5caa962a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mqpaf24g5b2p", "content": "SonicWall has addressed two critical vulnerabilities (CVE-2026-15409, CVE-2026-15410) in its SMA 1000 Series appliances, which are being actively exploited. CVE-2026-15409 allows remote unauthenticated SSRF attacks, while CVE-2026-15410 permits remote code execution by authenticated admins.", "creation_timestamp": "2026-07-15T17:23:47.835686Z"}</description>
      <content:encoded>{"uuid": "fc505ef7-f747-4496-883e-38d5caa962a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mqpaf24g5b2p", "content": "SonicWall has addressed two critical vulnerabilities (CVE-2026-15409, CVE-2026-15410) in its SMA 1000 Series appliances, which are being actively exploited. CVE-2026-15409 allows remote unauthenticated SSRF attacks, while CVE-2026-15410 permits remote code execution by authenticated admins.", "creation_timestamp": "2026-07-15T17:23:47.835686Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/fc505ef7-f747-4496-883e-38d5caa962a1/export</guid>
      <pubDate>Wed, 15 Jul 2026 17:23:47 +0000</pubDate>
    </item>
    <item>
      <title>3faa577d-63d7-4739-825b-60ba457d17d3</title>
      <link>https://vulnerability.circl.lu/sighting/3faa577d-63d7-4739-825b-60ba457d17d3/export</link>
      <description>{"uuid": "3faa577d-63d7-4739-825b-60ba457d17d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://www.acn.gov.it/portale/w/sonicwall-rilevato-sfruttamento-attivo-di-nuove-vulnerabilita", "content": "", "creation_timestamp": "2026-07-15T16:45:04.712455Z"}</description>
      <content:encoded>{"uuid": "3faa577d-63d7-4739-825b-60ba457d17d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://www.acn.gov.it/portale/w/sonicwall-rilevato-sfruttamento-attivo-di-nuove-vulnerabilita", "content": "", "creation_timestamp": "2026-07-15T16:45:04.712455Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3faa577d-63d7-4739-825b-60ba457d17d3/export</guid>
      <pubDate>Wed, 15 Jul 2026 16:45:04 +0000</pubDate>
    </item>
    <item>
      <title>221aa8eb-0880-4c8e-abea-28c13d15b2c0</title>
      <link>https://vulnerability.circl.lu/sighting/221aa8eb-0880-4c8e-abea-28c13d15b2c0/export</link>
      <description>{"uuid": "221aa8eb-0880-4c8e-abea-28c13d15b2c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mqp5r6qzbs2a", "content": "SonicWall SMA appliances targeted in zero-day attacks (CVE-2026-15409, CVE-2026-15410)\n\nSonicWall has fixed two actively exploited vulnerabilities (CVE-2026-15409, CVE-2026-15410) affecting its Secure Mobile Access (SMA) 1000 Series appliances, and is urging customer organizations\u2026\n#hackernews #news", "creation_timestamp": "2026-07-15T16:36:54.425480Z"}</description>
      <content:encoded>{"uuid": "221aa8eb-0880-4c8e-abea-28c13d15b2c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15410", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mqp5r6qzbs2a", "content": "SonicWall SMA appliances targeted in zero-day attacks (CVE-2026-15409, CVE-2026-15410)\n\nSonicWall has fixed two actively exploited vulnerabilities (CVE-2026-15409, CVE-2026-15410) affecting its Secure Mobile Access (SMA) 1000 Series appliances, and is urging customer organizations\u2026\n#hackernews #news", "creation_timestamp": "2026-07-15T16:36:54.425480Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/221aa8eb-0880-4c8e-abea-28c13d15b2c0/export</guid>
      <pubDate>Wed, 15 Jul 2026 16:36:54 +0000</pubDate>
    </item>
  </channel>
</rss>
