Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 07 Jun 2026 04:23:47 +0000 4bc4ad35-9c59-49ee-aa4f-eae68acd57cb https://vulnerability.circl.lu/sighting/4bc4ad35-9c59-49ee-aa4f-eae68acd57cb/export {"uuid": "4bc4ad35-9c59-49ee-aa4f-eae68acd57cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27771", "type": "seen", "source": "https://bsky.app/profile/lalgorisme.bsky.social/post/3mmvfhmokq32k", "content": "\ud83e\uddf5Durant uns 4 anys, qualsevol ha pogut descarregar imatges \"privades\" de Gitea sense compte ni contrasenya. Hi ha m\u00e9s de 30.000 inst\u00e0ncies afectades en 30 pa\u00efsos. L'etiqueta \"privat\" senzillament no funcionava com s'esperava al registre de contenidors.\nCVE-2026-27771", "creation_timestamp": "2026-05-28T06:29:55.050778Z"} {"uuid": "4bc4ad35-9c59-49ee-aa4f-eae68acd57cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27771", "type": "seen", "source": "https://bsky.app/profile/lalgorisme.bsky.social/post/3mmvfhmokq32k", "content": "\ud83e\uddf5Durant uns 4 anys, qualsevol ha pogut descarregar imatges \"privades\" de Gitea sense compte ni contrasenya. Hi ha m\u00e9s de 30.000 inst\u00e0ncies afectades en 30 pa\u00efsos. L'etiqueta \"privat\" senzillament no funcionava com s'esperava al registre de contenidors.\nCVE-2026-27771", "creation_timestamp": "2026-05-28T06:29:55.050778Z"} https://vulnerability.circl.lu/sighting/4bc4ad35-9c59-49ee-aa4f-eae68acd57cb/export Thu, 28 May 2026 06:29:55 +0000 42888755-3b01-43b1-9ba3-514be6ae9ee3 https://vulnerability.circl.lu/sighting/42888755-3b01-43b1-9ba3-514be6ae9ee3/export {"uuid": "42888755-3b01-43b1-9ba3-514be6ae9ee3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27771", "type": "seen", "source": "https://bsky.app/profile/lalgorisme.bsky.social/post/3mmvfhmoxgd2k", "content": "\ud83e\uddf5Durant uns 4 anys, qualsevol ha pogut descarregar imatges \"privades\" de Gitea sense compte ni contrasenya. Hi ha m\u00e9s de 30.000 inst\u00e0ncies afectades en 30 pa\u00efsos. L'etiqueta \"privat\" senzillament no funcionava com s'esperava al registre de contenidors.\nCVE-2026-27771", "creation_timestamp": "2026-05-28T06:29:55.589484Z"} {"uuid": "42888755-3b01-43b1-9ba3-514be6ae9ee3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27771", "type": "seen", "source": "https://bsky.app/profile/lalgorisme.bsky.social/post/3mmvfhmoxgd2k", "content": "\ud83e\uddf5Durant uns 4 anys, qualsevol ha pogut descarregar imatges \"privades\" de Gitea sense compte ni contrasenya. Hi ha m\u00e9s de 30.000 inst\u00e0ncies afectades en 30 pa\u00efsos. L'etiqueta \"privat\" senzillament no funcionava com s'esperava al registre de contenidors.\nCVE-2026-27771", "creation_timestamp": "2026-05-28T06:29:55.589484Z"} https://vulnerability.circl.lu/sighting/42888755-3b01-43b1-9ba3-514be6ae9ee3/export Thu, 28 May 2026 06:29:55 +0000 e2e6c796-918b-444d-bd29-1f4a6956067c https://vulnerability.circl.lu/sighting/e2e6c796-918b-444d-bd29-1f4a6956067c/export {"uuid": "e2e6c796-918b-444d-bd29-1f4a6956067c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27771", "type": "seen", "source": "https://bsky.app/profile/lalgorisme.bsky.social/post/3mmvfhmozet2k", "content": "\ud83e\uddf5Durant uns 4 anys, qualsevol ha pogut descarregar imatges \"privades\" de Gitea sense compte ni contrasenya. Hi ha m\u00e9s de 30.000 inst\u00e0ncies afectades en 30 pa\u00efsos. L'etiqueta \"privat\" senzillament no funcionava com s'esperava al registre de contenidors.\nCVE-2026-27771", "creation_timestamp": "2026-05-28T06:29:56.268314Z"} {"uuid": "e2e6c796-918b-444d-bd29-1f4a6956067c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27771", "type": "seen", "source": "https://bsky.app/profile/lalgorisme.bsky.social/post/3mmvfhmozet2k", "content": "\ud83e\uddf5Durant uns 4 anys, qualsevol ha pogut descarregar imatges \"privades\" de Gitea sense compte ni contrasenya. Hi ha m\u00e9s de 30.000 inst\u00e0ncies afectades en 30 pa\u00efsos. L'etiqueta \"privat\" senzillament no funcionava com s'esperava al registre de contenidors.\nCVE-2026-27771", "creation_timestamp": "2026-05-28T06:29:56.268314Z"} https://vulnerability.circl.lu/sighting/e2e6c796-918b-444d-bd29-1f4a6956067c/export Thu, 28 May 2026 06:29:56 +0000 edba9a30-cbaf-45c4-8d9b-9c96cbd196ad https://vulnerability.circl.lu/sighting/edba9a30-cbaf-45c4-8d9b-9c96cbd196ad/export {"uuid": "edba9a30-cbaf-45c4-8d9b-9c96cbd196ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27771", "type": "seen", "source": "https://bsky.app/profile/lalgorisme.bsky.social/post/3mmvfhmp3dd2k", "content": "\ud83e\uddf5Durant uns 4 anys, qualsevol ha pogut descarregar imatges \"privades\" de Gitea sense compte ni contrasenya. Hi ha m\u00e9s de 30.000 inst\u00e0ncies afectades en 30 pa\u00efsos. L'etiqueta \"privat\" senzillament no funcionava com s'esperava al registre de contenidors.\nCVE-2026-27771", "creation_timestamp": "2026-05-28T06:29:57.119670Z"} {"uuid": "edba9a30-cbaf-45c4-8d9b-9c96cbd196ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27771", "type": "seen", "source": "https://bsky.app/profile/lalgorisme.bsky.social/post/3mmvfhmp3dd2k", "content": "\ud83e\uddf5Durant uns 4 anys, qualsevol ha pogut descarregar imatges \"privades\" de Gitea sense compte ni contrasenya. Hi ha m\u00e9s de 30.000 inst\u00e0ncies afectades en 30 pa\u00efsos. L'etiqueta \"privat\" senzillament no funcionava com s'esperava al registre de contenidors.\nCVE-2026-27771", "creation_timestamp": "2026-05-28T06:29:57.119670Z"} https://vulnerability.circl.lu/sighting/edba9a30-cbaf-45c4-8d9b-9c96cbd196ad/export Thu, 28 May 2026 06:29:57 +0000 d1958074-f083-44a1-8a91-671eb24e03a1 https://vulnerability.circl.lu/sighting/d1958074-f083-44a1-8a91-671eb24e03a1/export {"uuid": "d1958074-f083-44a1-8a91-671eb24e03a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27771", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mmvwgj5era2p", "content": "CVE-2026-27771 let unauthenticated users pull private container images from affected Gitea instances via anonymous registry requests.\n", "creation_timestamp": "2026-05-28T11:33:31.603908Z"} {"uuid": "d1958074-f083-44a1-8a91-671eb24e03a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27771", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mmvwgj5era2p", "content": "CVE-2026-27771 let unauthenticated users pull private container images from affected Gitea instances via anonymous registry requests.\n", "creation_timestamp": "2026-05-28T11:33:31.603908Z"} https://vulnerability.circl.lu/sighting/d1958074-f083-44a1-8a91-671eb24e03a1/export Thu, 28 May 2026 11:33:31 +0000 07ab76e4-cf1a-43fa-b4b5-c363812a4731 https://vulnerability.circl.lu/sighting/07ab76e4-cf1a-43fa-b4b5-c363812a4731/export {"uuid": "07ab76e4-cf1a-43fa-b4b5-c363812a4731", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27771", "type": "seen", "source": "https://t.me/true_secator/8254", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 NoScope \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0441\u0435\u0440\u0432\u0438\u0441\u0435 Git Gitea, \u043c\u043e\u0433\u043b\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0447\u0430\u0441\u0442\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u0430\u043c \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 \u0438\u0437 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 30 000 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0439.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a\u00a0CVE-2026-27771 \u0438 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0439 \u0440\u0435\u0435\u0441\u0442\u0440 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 Gitea. Forgejo, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0439 \u0442\u0443 \u0436\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e, \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442. \u0414\u0440\u0443\u0433\u0438\u0435 \u0444\u043e\u0440\u043a\u0438, \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043d\u0430 Gitea, \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b.\n\n\u0412 \u0432\u0438\u0434\u0443 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u044f \u043a \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043d\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0438\u0441\u044c \u043a \u043e\u0431\u0440\u0430\u0437\u0430\u043c, \u043f\u043e\u043c\u0435\u0447\u0435\u043d\u043d\u044b\u043c \u043a\u0430\u043a \u0447\u0430\u0441\u0442\u043d\u044b\u0435, \u0430 \u0440\u0435\u0435\u0441\u0442\u0440 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u043b \u0438\u0445 \u0432 \u043e\u0442\u0432\u0435\u0442 \u043d\u0430 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0435 \u0430\u043d\u043e\u043d\u0438\u043c\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b Docker/OCI \u043d\u0430 \u0441\u043b\u0438\u044f\u043d\u0438\u0435 \u0447\u0435\u0440\u0435\u0437 API \u0440\u0435\u0435\u0441\u0442\u0440\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043a\u043e\u0434\u0435 Gitea \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0447\u0435\u0442\u044b\u0440\u0435 \u0433\u043e\u0434\u0430, \u043f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 1.26.2 \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435.\n\n\u0420\u0435\u0435\u0441\u0442\u0440 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 Gitea \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b \u043b\u044e\u0431\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430, \u0431\u0435\u0437 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438, \u043f\u0430\u0440\u043e\u043b\u044f \u0438 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0442\u044c \u043e\u0431\u0440\u0430\u0437\u044b \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435, \u043d\u0430 \u043f\u0435\u0440\u0432\u044b\u0439 \u0432\u0437\u0433\u043b\u044f\u0434, \u0441\u0447\u0438\u0442\u0430\u043b\u0438\u0441\u044c \u0431\u044b \u0447\u0430\u0441\u0442\u043d\u044b\u043c\u0438, \u0438\u0437 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432, \u043a\u0430\u043a \u0435\u0441\u043b\u0438 \u0431\u044b \u043e\u043d\u0438 \u0431\u044b\u043b\u0438 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c\u0438.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043e\u0431\u0440\u0430\u0437\u044b \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 \u043c\u043e\u0433\u0443\u0442 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0439 \u043a\u043e\u0434, \u0441\u0435\u043a\u0440\u0435\u0442\u044b \u0438 \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435, \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u0431\u0443\u0434\u0443\u0442 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0434\u0430\u043d\u043d\u044b\u043c NoScope, \u043f\u043e\u0438\u0441\u043a \u0432 Shodan \u0432\u044b\u0434\u0430\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 34 000 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0438\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 Gitea. \u0418\u0437 \u043d\u0438\u0445 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e 93%, \u0438\u043b\u0438 31 750, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0443\u044f\u0437\u0432\u0438\u043c\u044b.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0439 \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e 4000 \u0438\u0437 \u043d\u0438\u0445 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u043b\u0438 \u0441\u043e\u0431\u043e\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043d\u0430 \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0438\u043b\u0438 VPS-\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u0445. \u041e\u043a\u043e\u043b\u043e 7000 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 \u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u043d\u0430 \u043f\u043e\u0440\u0442\u0443 Gitea \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c NoScope, \u0434\u0430\u043d\u043d\u044b\u0435 \u043e\u0434\u043d\u043e\u0437\u043d\u0430\u0447\u043d\u044b \u0438 \u044d\u0442\u043e \u043d\u0435 \u043c\u0430\u0448\u0438\u043d\u044b \u043e\u0431\u044b\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0430 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438, \u043f\u0440\u0438\u043d\u044f\u0432\u0448\u0438\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u0440\u0430\u0437\u043c\u0435\u0441\u0442\u0438\u0442\u044c \u0441\u0432\u043e\u044e \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043d\u0430 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0432\u044b\u0447\u0438\u0441\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043c\u043e\u0449\u043d\u043e\u0441\u0442\u044f\u0445, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u0441\u0443\u0440\u0441\u044b \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0440\u0430\u0431\u043e\u0447\u0438\u0445 \u043d\u0430\u0433\u0440\u0443\u0437\u043e\u043a.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c Gitea \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1.26.2 \u0438\u043b\u0438 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u0447\u0442\u043e\u0431\u044b \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a\u043e \u0432\u0441\u0435\u043c\u0443 \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0443 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u044d\u0442\u0430 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u043d\u0435 \u043f\u043e\u0434\u0445\u043e\u0434\u0438\u0442 \u0434\u043b\u044f \u0441\u043b\u0443\u0447\u0430\u0435\u0432, \u043a\u043e\u0433\u0434\u0430 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u044b \u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c\u0438; \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0432 \u0442\u0430\u043a\u043e\u0439 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0442\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0432\u0437\u0432\u0435\u0441\u0438\u0442\u044c \u0432\u0441\u0435 \u0437\u0430 \u0438 \u043f\u0440\u043e\u0442\u0438\u0432.", "creation_timestamp": "2026-05-28T14:43:19.000000Z"} {"uuid": "07ab76e4-cf1a-43fa-b4b5-c363812a4731", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27771", "type": "seen", "source": "https://t.me/true_secator/8254", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 NoScope \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0441\u0435\u0440\u0432\u0438\u0441\u0435 Git Gitea, \u043c\u043e\u0433\u043b\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0447\u0430\u0441\u0442\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u0430\u043c \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 \u0438\u0437 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 30 000 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0439.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a\u00a0CVE-2026-27771 \u0438 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0439 \u0440\u0435\u0435\u0441\u0442\u0440 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 Gitea. Forgejo, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0439 \u0442\u0443 \u0436\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e, \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442. \u0414\u0440\u0443\u0433\u0438\u0435 \u0444\u043e\u0440\u043a\u0438, \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043d\u0430 Gitea, \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b.\n\n\u0412 \u0432\u0438\u0434\u0443 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u044f \u043a \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043d\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0438\u0441\u044c \u043a \u043e\u0431\u0440\u0430\u0437\u0430\u043c, \u043f\u043e\u043c\u0435\u0447\u0435\u043d\u043d\u044b\u043c \u043a\u0430\u043a \u0447\u0430\u0441\u0442\u043d\u044b\u0435, \u0430 \u0440\u0435\u0435\u0441\u0442\u0440 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u043b \u0438\u0445 \u0432 \u043e\u0442\u0432\u0435\u0442 \u043d\u0430 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0435 \u0430\u043d\u043e\u043d\u0438\u043c\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b Docker/OCI \u043d\u0430 \u0441\u043b\u0438\u044f\u043d\u0438\u0435 \u0447\u0435\u0440\u0435\u0437 API \u0440\u0435\u0435\u0441\u0442\u0440\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043a\u043e\u0434\u0435 Gitea \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0447\u0435\u0442\u044b\u0440\u0435 \u0433\u043e\u0434\u0430, \u043f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 1.26.2 \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435.\n\n\u0420\u0435\u0435\u0441\u0442\u0440 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 Gitea \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b \u043b\u044e\u0431\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430, \u0431\u0435\u0437 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438, \u043f\u0430\u0440\u043e\u043b\u044f \u0438 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0442\u044c \u043e\u0431\u0440\u0430\u0437\u044b \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435, \u043d\u0430 \u043f\u0435\u0440\u0432\u044b\u0439 \u0432\u0437\u0433\u043b\u044f\u0434, \u0441\u0447\u0438\u0442\u0430\u043b\u0438\u0441\u044c \u0431\u044b \u0447\u0430\u0441\u0442\u043d\u044b\u043c\u0438, \u0438\u0437 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432, \u043a\u0430\u043a \u0435\u0441\u043b\u0438 \u0431\u044b \u043e\u043d\u0438 \u0431\u044b\u043b\u0438 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c\u0438.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043e\u0431\u0440\u0430\u0437\u044b \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 \u043c\u043e\u0433\u0443\u0442 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0439 \u043a\u043e\u0434, \u0441\u0435\u043a\u0440\u0435\u0442\u044b \u0438 \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435, \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u0431\u0443\u0434\u0443\u0442 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0434\u0430\u043d\u043d\u044b\u043c NoScope, \u043f\u043e\u0438\u0441\u043a \u0432 Shodan \u0432\u044b\u0434\u0430\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 34 000 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0438\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 Gitea. \u0418\u0437 \u043d\u0438\u0445 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e 93%, \u0438\u043b\u0438 31 750, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0443\u044f\u0437\u0432\u0438\u043c\u044b.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0439 \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e 4000 \u0438\u0437 \u043d\u0438\u0445 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u043b\u0438 \u0441\u043e\u0431\u043e\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043d\u0430 \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0438\u043b\u0438 VPS-\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u0445. \u041e\u043a\u043e\u043b\u043e 7000 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 \u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u043d\u0430 \u043f\u043e\u0440\u0442\u0443 Gitea \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c NoScope, \u0434\u0430\u043d\u043d\u044b\u0435 \u043e\u0434\u043d\u043e\u0437\u043d\u0430\u0447\u043d\u044b \u0438 \u044d\u0442\u043e \u043d\u0435 \u043c\u0430\u0448\u0438\u043d\u044b \u043e\u0431\u044b\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0430 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438, \u043f\u0440\u0438\u043d\u044f\u0432\u0448\u0438\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u0440\u0430\u0437\u043c\u0435\u0441\u0442\u0438\u0442\u044c \u0441\u0432\u043e\u044e \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043d\u0430 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0432\u044b\u0447\u0438\u0441\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043c\u043e\u0449\u043d\u043e\u0441\u0442\u044f\u0445, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u0441\u0443\u0440\u0441\u044b \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0440\u0430\u0431\u043e\u0447\u0438\u0445 \u043d\u0430\u0433\u0440\u0443\u0437\u043e\u043a.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c Gitea \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1.26.2 \u0438\u043b\u0438 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u0447\u0442\u043e\u0431\u044b \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a\u043e \u0432\u0441\u0435\u043c\u0443 \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0443 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u044d\u0442\u0430 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u043d\u0435 \u043f\u043e\u0434\u0445\u043e\u0434\u0438\u0442 \u0434\u043b\u044f \u0441\u043b\u0443\u0447\u0430\u0435\u0432, \u043a\u043e\u0433\u0434\u0430 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u044b \u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c\u0438; \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0432 \u0442\u0430\u043a\u043e\u0439 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0442\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0432\u0437\u0432\u0435\u0441\u0438\u0442\u044c \u0432\u0441\u0435 \u0437\u0430 \u0438 \u043f\u0440\u043e\u0442\u0438\u0432.", "creation_timestamp": "2026-05-28T14:43:19.000000Z"} https://vulnerability.circl.lu/sighting/07ab76e4-cf1a-43fa-b4b5-c363812a4731/export Thu, 28 May 2026 14:43:19 +0000 5608d769-a0df-4f98-8dff-c70f47e953ef https://vulnerability.circl.lu/sighting/5608d769-a0df-4f98-8dff-c70f47e953ef/export {"uuid": "5608d769-a0df-4f98-8dff-c70f47e953ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27771", "type": "seen", "source": "https://bsky.app/profile/technoholic.bsky.social/post/3mmwdnbqbrc2j", "content": "Security flaw in Gitea (CVE-2026-27771) allows unauthenticated remote attackers to access private container images\u2014affects all versions before 1.26.2. Update now!", "creation_timestamp": "2026-05-28T15:29:56.553835Z"} {"uuid": "5608d769-a0df-4f98-8dff-c70f47e953ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27771", "type": "seen", "source": "https://bsky.app/profile/technoholic.bsky.social/post/3mmwdnbqbrc2j", "content": "Security flaw in Gitea (CVE-2026-27771) allows unauthenticated remote attackers to access private container images\u2014affects all versions before 1.26.2. Update now!", "creation_timestamp": "2026-05-28T15:29:56.553835Z"} https://vulnerability.circl.lu/sighting/5608d769-a0df-4f98-8dff-c70f47e953ef/export Thu, 28 May 2026 15:29:56 +0000 98a5b13c-5e70-4b2d-a2ca-65e8a39cc6ec https://vulnerability.circl.lu/sighting/98a5b13c-5e70-4b2d-a2ca-65e8a39cc6ec/export {"uuid": "98a5b13c-5e70-4b2d-a2ca-65e8a39cc6ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-27771", "type": "seen", "source": "https://bsky.app/profile/bladews.fosstodon.org.ap.brid.gy/post/3mmwebhvvdwq2", "content": "Gitea CVE-2026-27771: Private Container Images Were Never Private\n\nhttps://byteiota.com/gitea-cve-2026-27771-private-container-images-were-never-private/", "creation_timestamp": "2026-05-28T15:41:20.702207Z"} {"uuid": "98a5b13c-5e70-4b2d-a2ca-65e8a39cc6ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-27771", "type": "seen", "source": "https://bsky.app/profile/bladews.fosstodon.org.ap.brid.gy/post/3mmwebhvvdwq2", "content": "Gitea CVE-2026-27771: Private Container Images Were Never Private\n\nhttps://byteiota.com/gitea-cve-2026-27771-private-container-images-were-never-private/", "creation_timestamp": "2026-05-28T15:41:20.702207Z"} https://vulnerability.circl.lu/sighting/98a5b13c-5e70-4b2d-a2ca-65e8a39cc6ec/export Thu, 28 May 2026 15:41:20 +0000 3d12fba1-22b0-4c7b-9347-bba1a0806979 https://vulnerability.circl.lu/sighting/3d12fba1-22b0-4c7b-9347-bba1a0806979/export {"uuid": "3d12fba1-22b0-4c7b-9347-bba1a0806979", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27771", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-27771.yaml", "content": "", "creation_timestamp": "2026-05-30T13:12:12.000000Z"} {"uuid": "3d12fba1-22b0-4c7b-9347-bba1a0806979", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27771", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-27771.yaml", "content": "", "creation_timestamp": "2026-05-30T13:12:12.000000Z"} https://vulnerability.circl.lu/sighting/3d12fba1-22b0-4c7b-9347-bba1a0806979/export Sat, 30 May 2026 13:12:12 +0000 fc490583-35aa-4099-98e6-85111d59465a https://vulnerability.circl.lu/sighting/fc490583-35aa-4099-98e6-85111d59465a/export {"uuid": "fc490583-35aa-4099-98e6-85111d59465a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27771", "type": "seen", "source": "https://t.me/realcodeb0ss/450", "content": "[The Most Advanced In All The Earth and The World.]\n\nhttps://thehackernews.com/2026/05/gitea-vulnerability-exposes-private.html\n\nhttps://horizon3.ai/attack-research/vulnerabilities/cve-2026-27771/\n\nhttps://orca.security/resources/blog/gitea-container-registry-vulnerability/\n\n\nFofa : app=\"Gitea\" - (245,703 Records)\n\nShodan : http.html:\"Gitea\"\n\nProofs are posted in the comments,\nFor any problems, or to purchase VIP access and features, please contact: @uncodeboss\n\n\nThis content is shared strictly for authorized testing, educational, \nand research purposes only. It is not intended for malicious use. All techniques, tools, \nor information provided are meant to demonstrate security concepts and to raise awareness in a controlled and legal environment. \nPlease do not remove or flag this content, as it is shared responsibly for learning and academic purposes.", "creation_timestamp": "2026-05-31T14:13:54.000000Z"} {"uuid": "fc490583-35aa-4099-98e6-85111d59465a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-27771", "type": "seen", "source": "https://t.me/realcodeb0ss/450", "content": "[The Most Advanced In All The Earth and The World.]\n\nhttps://thehackernews.com/2026/05/gitea-vulnerability-exposes-private.html\n\nhttps://horizon3.ai/attack-research/vulnerabilities/cve-2026-27771/\n\nhttps://orca.security/resources/blog/gitea-container-registry-vulnerability/\n\n\nFofa : app=\"Gitea\" - (245,703 Records)\n\nShodan : http.html:\"Gitea\"\n\nProofs are posted in the comments,\nFor any problems, or to purchase VIP access and features, please contact: @uncodeboss\n\n\nThis content is shared strictly for authorized testing, educational, \nand research purposes only. It is not intended for malicious use. All techniques, tools, \nor information provided are meant to demonstrate security concepts and to raise awareness in a controlled and legal environment. \nPlease do not remove or flag this content, as it is shared responsibly for learning and academic purposes.", "creation_timestamp": "2026-05-31T14:13:54.000000Z"} https://vulnerability.circl.lu/sighting/fc490583-35aa-4099-98e6-85111d59465a/export Sun, 31 May 2026 14:13:54 +0000