Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 03 Jun 2026 03:47:49 +0000 d14dbcae-dd61-48a1-9816-3dc6116bc0f9 https://vulnerability.circl.lu/sighting/d14dbcae-dd61-48a1-9816-3dc6116bc0f9/export {"uuid": "d14dbcae-dd61-48a1-9816-3dc6116bc0f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41948", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116599359441666989", "content": "\ud83d\udea8 CRITICAL: CVE-2026-41948 in langgenius Dify \u22641.14.1 enables authenticated users to bypass tenant path restrictions and access internal REST API endpoints. No patch yet \u2014 restrict API access & monitor logs. Details: https://radar.offseq.com/threat/cve-2026-41948-relative-path-traversal-in-langgeni-65e19181 #OffSeq #vulnerability #infosec", "creation_timestamp": "2026-05-19T04:30:31.475799Z"} {"uuid": "d14dbcae-dd61-48a1-9816-3dc6116bc0f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41948", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116599359441666989", "content": "\ud83d\udea8 CRITICAL: CVE-2026-41948 in langgenius Dify \u22641.14.1 enables authenticated users to bypass tenant path restrictions and access internal REST API endpoints. No patch yet \u2014 restrict API access & monitor logs. Details: https://radar.offseq.com/threat/cve-2026-41948-relative-path-traversal-in-langgeni-65e19181 #OffSeq #vulnerability #infosec", "creation_timestamp": "2026-05-19T04:30:31.475799Z"} https://vulnerability.circl.lu/sighting/d14dbcae-dd61-48a1-9816-3dc6116bc0f9/export Tue, 19 May 2026 04:30:31 +0000 a90f424b-35d4-4902-beab-2b409afac895 https://vulnerability.circl.lu/sighting/a90f424b-35d4-4902-beab-2b409afac895/export {"uuid": "a90f424b-35d4-4902-beab-2b409afac895", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41948", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116601058386037204", "content": "Some increased actor activities are shown targeting langgenius dify (CVE-2026-41948) https://vuldb.com/vuln/364479/cti", "creation_timestamp": "2026-05-19T11:42:34.853421Z"} {"uuid": "a90f424b-35d4-4902-beab-2b409afac895", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41948", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116601058386037204", "content": "Some increased actor activities are shown targeting langgenius dify (CVE-2026-41948) https://vuldb.com/vuln/364479/cti", "creation_timestamp": "2026-05-19T11:42:34.853421Z"} https://vulnerability.circl.lu/sighting/a90f424b-35d4-4902-beab-2b409afac895/export Tue, 19 May 2026 11:42:34 +0000 a8acbeb9-53be-415f-9162-3c831eae641d https://vulnerability.circl.lu/sighting/a8acbeb9-53be-415f-9162-3c831eae641d/export {"uuid": "a8acbeb9-53be-415f-9162-3c831eae641d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41948", "type": "seen", "source": "https://bsky.app/profile/keiwork35.bsky.social/post/3mn5g36dibt2g", "content": "\u3010\u8106\u5f31\u6027\u60c5\u5831\u3011 CVE-2026-41948 Dify 1.14.1\u304a\u3088\u3073\u305d\u308c\u4ee5\u524d\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\n\nDify\u306e\u30d0\u30fc\u30b8\u30e7\u30f31.14.1\u304a\u3088\u3073\u305d\u308c\u4ee5\u524d\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u306b\u306f\u3001\u8a8d\u8a3c\u3055\u308c\u305f\u30e6\u30fc\u30b6\u30fc\u304cPlugin Daemon\u306e\u5185\u90e8REST API\u306b\u8ee2\u9001\u3055\u308c\u308b\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u64cd\u4f5c\u3067\u304d\u308b\u30d1\u30b9\u30fb\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u306e\u8106\u5f31\u6027\u304c\u3042\u308a\u307e\u3059\u3002", "creation_timestamp": "2026-05-31T11:02:08.432753Z"} {"uuid": "a8acbeb9-53be-415f-9162-3c831eae641d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41948", "type": "seen", "source": "https://bsky.app/profile/keiwork35.bsky.social/post/3mn5g36dibt2g", "content": "\u3010\u8106\u5f31\u6027\u60c5\u5831\u3011 CVE-2026-41948 Dify 1.14.1\u304a\u3088\u3073\u305d\u308c\u4ee5\u524d\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\n\nDify\u306e\u30d0\u30fc\u30b8\u30e7\u30f31.14.1\u304a\u3088\u3073\u305d\u308c\u4ee5\u524d\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u306b\u306f\u3001\u8a8d\u8a3c\u3055\u308c\u305f\u30e6\u30fc\u30b6\u30fc\u304cPlugin Daemon\u306e\u5185\u90e8REST API\u306b\u8ee2\u9001\u3055\u308c\u308b\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u64cd\u4f5c\u3067\u304d\u308b\u30d1\u30b9\u30fb\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u306e\u8106\u5f31\u6027\u304c\u3042\u308a\u307e\u3059\u3002", "creation_timestamp": "2026-05-31T11:02:08.432753Z"} https://vulnerability.circl.lu/sighting/a8acbeb9-53be-415f-9162-3c831eae641d/export Sun, 31 May 2026 11:02:08 +0000