<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Thu, 09 Jul 2026 23:37:49 +0000</lastBuildDate>
    <item>
      <title>a33dd92f-4f07-4ac5-ad7c-944d0de44976</title>
      <link>https://vulnerability.circl.lu/sighting/a33dd92f-4f07-4ac5-ad7c-944d0de44976/export</link>
      <description>{"uuid": "a33dd92f-4f07-4ac5-ad7c-944d0de44976", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42496", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mpywt27xh32s", "content": "CVE-2026-42496 - rootio-perl\nThe rootio-perl package in Debian 12 had a security issue that allowed unauthorized access to sensitive information. This has been fixed by Root in a recent update, and\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#rootioperl #RootDebian12 #CVE #infosec", "creation_timestamp": "2026-07-06T20:34:05.614362Z"}</description>
      <content:encoded>{"uuid": "a33dd92f-4f07-4ac5-ad7c-944d0de44976", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42496", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mpywt27xh32s", "content": "CVE-2026-42496 - rootio-perl\nThe rootio-perl package in Debian 12 had a security issue that allowed unauthorized access to sensitive information. This has been fixed by Root in a recent update, and\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#rootioperl #RootDebian12 #CVE #infosec", "creation_timestamp": "2026-07-06T20:34:05.614362Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a33dd92f-4f07-4ac5-ad7c-944d0de44976/export</guid>
      <pubDate>Mon, 06 Jul 2026 20:34:05 +0000</pubDate>
    </item>
    <item>
      <title>28b59b8e-9efe-4598-93b0-433c30f1795b</title>
      <link>https://vulnerability.circl.lu/sighting/28b59b8e-9efe-4598-93b0-433c30f1795b/export</link>
      <description>{"uuid": "28b59b8e-9efe-4598-93b0-433c30f1795b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4249", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpy3dicdxy2n", "content": "CVE-2026-4249 - Denial of Service via Malicious JSON Payloads in Throttling Events in Multiple WSO2 Products Causing Persistent Service Disruption\nCVE ID : CVE-2026-4249\n \n Published : July 6, 2026, 11:16 a.m. | 31\u00a0minutes ago\n \n Description : The throttling event handling mec...", "creation_timestamp": "2026-07-06T12:22:12.107001Z"}</description>
      <content:encoded>{"uuid": "28b59b8e-9efe-4598-93b0-433c30f1795b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4249", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpy3dicdxy2n", "content": "CVE-2026-4249 - Denial of Service via Malicious JSON Payloads in Throttling Events in Multiple WSO2 Products Causing Persistent Service Disruption\nCVE ID : CVE-2026-4249\n \n Published : July 6, 2026, 11:16 a.m. | 31\u00a0minutes ago\n \n Description : The throttling event handling mec...", "creation_timestamp": "2026-07-06T12:22:12.107001Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/28b59b8e-9efe-4598-93b0-433c30f1795b/export</guid>
      <pubDate>Mon, 06 Jul 2026 12:22:12 +0000</pubDate>
    </item>
    <item>
      <title>dc876ac8-040d-47e0-85ec-708dc41d505b</title>
      <link>https://vulnerability.circl.lu/sighting/dc876ac8-040d-47e0-85ec-708dc41d505b/export</link>
      <description>{"uuid": "dc876ac8-040d-47e0-85ec-708dc41d505b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42496", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motmrathgt2r", "content": "\ud83d\udea8  ALERT: CVE-2026-42496\n\nCVSS 9.1/10\n\n\ud83d\udccb WHAT IT IS:\nArchive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory.\n\n_make_special_file() passes the tar header's linkname to symlink() without validating it against absolute paths or .. s", "creation_timestamp": "2026-06-22T00:26:01.719855Z"}</description>
      <content:encoded>{"uuid": "dc876ac8-040d-47e0-85ec-708dc41d505b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42496", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motmrathgt2r", "content": "\ud83d\udea8  ALERT: CVE-2026-42496\n\nCVSS 9.1/10\n\n\ud83d\udccb WHAT IT IS:\nArchive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory.\n\n_make_special_file() passes the tar header's linkname to symlink() without validating it against absolute paths or .. s", "creation_timestamp": "2026-06-22T00:26:01.719855Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/dc876ac8-040d-47e0-85ec-708dc41d505b/export</guid>
      <pubDate>Mon, 22 Jun 2026 00:26:01 +0000</pubDate>
    </item>
    <item>
      <title>1f3e7427-8be4-4224-843f-05d7ad70e51c</title>
      <link>https://vulnerability.circl.lu/sighting/1f3e7427-8be4-4224-843f-05d7ad70e51c/export</link>
      <description>{"uuid": "1f3e7427-8be4-4224-843f-05d7ad70e51c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42490", "type": "seen", "source": "https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-xen", "content": "", "creation_timestamp": "2026-06-10T04:24:52.000000Z"}</description>
      <content:encoded>{"uuid": "1f3e7427-8be4-4224-843f-05d7ad70e51c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42490", "type": "seen", "source": "https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-xen", "content": "", "creation_timestamp": "2026-06-10T04:24:52.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1f3e7427-8be4-4224-843f-05d7ad70e51c/export</guid>
      <pubDate>Wed, 10 Jun 2026 04:24:52 +0000</pubDate>
    </item>
    <item>
      <title>113925f8-77bb-4e40-a554-a256f813abf5</title>
      <link>https://vulnerability.circl.lu/sighting/113925f8-77bb-4e40-a554-a256f813abf5/export</link>
      <description>{"uuid": "113925f8-77bb-4e40-a554-a256f813abf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42490", "type": "seen", "source": "https://infosec.exchange/users/andersonc0d3/statuses/116720431315436112", "content": "Xen Security Advisory 491 v2 (CVE-2026-42487) - x86 HVM I/O port list traversal\nhttps://seclists.org/oss-sec/2026/q2/857\nXen Security Advisory 492 v3 (CVE-2026-42489,CVE-2026-42490) - domctl lock open to abuse\nhttps://seclists.org/oss-sec/2026/q2/858\nXen Security Advisory 493 v2 (CVE-2025-10263) - Arm: Completion of memory accesses not guaranteed by completion of a TLBI\nhttps://seclists.org/oss-sec/2026/q2/859", "creation_timestamp": "2026-06-09T13:41:01.482582Z"}</description>
      <content:encoded>{"uuid": "113925f8-77bb-4e40-a554-a256f813abf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42490", "type": "seen", "source": "https://infosec.exchange/users/andersonc0d3/statuses/116720431315436112", "content": "Xen Security Advisory 491 v2 (CVE-2026-42487) - x86 HVM I/O port list traversal\nhttps://seclists.org/oss-sec/2026/q2/857\nXen Security Advisory 492 v3 (CVE-2026-42489,CVE-2026-42490) - domctl lock open to abuse\nhttps://seclists.org/oss-sec/2026/q2/858\nXen Security Advisory 493 v2 (CVE-2025-10263) - Arm: Completion of memory accesses not guaranteed by completion of a TLBI\nhttps://seclists.org/oss-sec/2026/q2/859", "creation_timestamp": "2026-06-09T13:41:01.482582Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/113925f8-77bb-4e40-a554-a256f813abf5/export</guid>
      <pubDate>Tue, 09 Jun 2026 13:41:01 +0000</pubDate>
    </item>
    <item>
      <title>fa297b20-70ab-4da8-91e8-87a356f425b1</title>
      <link>https://vulnerability.circl.lu/sighting/fa297b20-70ab-4da8-91e8-87a356f425b1/export</link>
      <description>{"uuid": "fa297b20-70ab-4da8-91e8-87a356f425b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42490", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mnucoaa2ss26", "content": "Xen Security Advisory 492 v3 (CVE-2026-42489,CVE-2026-42490) - domctl lock open to abuse", "creation_timestamp": "2026-06-09T13:32:26.981926Z"}</description>
      <content:encoded>{"uuid": "fa297b20-70ab-4da8-91e8-87a356f425b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42490", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mnucoaa2ss26", "content": "Xen Security Advisory 492 v3 (CVE-2026-42489,CVE-2026-42490) - domctl lock open to abuse", "creation_timestamp": "2026-06-09T13:32:26.981926Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/fa297b20-70ab-4da8-91e8-87a356f425b1/export</guid>
      <pubDate>Tue, 09 Jun 2026 13:32:26 +0000</pubDate>
    </item>
    <item>
      <title>ba8aff35-4b2b-47c2-a02a-507558aadbad</title>
      <link>https://vulnerability.circl.lu/sighting/ba8aff35-4b2b-47c2-a02a-507558aadbad/export</link>
      <description>{"uuid": "ba8aff35-4b2b-47c2-a02a-507558aadbad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42499", "type": "seen", "source": "https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mmyigxrm6r2h", "content": "\ud83d\udd0d Lambda Watchdog detected that CVE-2026-42499 is no longer present in latest AWS Lambda base image scans. https://github.com/aws/aws-lambda-base-images/issues/537 #AWS #Lambda #Security #CVE #DevOps #SecOps", "creation_timestamp": "2026-05-29T12:01:13.125008Z"}</description>
      <content:encoded>{"uuid": "ba8aff35-4b2b-47c2-a02a-507558aadbad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42499", "type": "seen", "source": "https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mmyigxrm6r2h", "content": "\ud83d\udd0d Lambda Watchdog detected that CVE-2026-42499 is no longer present in latest AWS Lambda base image scans. https://github.com/aws/aws-lambda-base-images/issues/537 #AWS #Lambda #Security #CVE #DevOps #SecOps", "creation_timestamp": "2026-05-29T12:01:13.125008Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ba8aff35-4b2b-47c2-a02a-507558aadbad/export</guid>
      <pubDate>Fri, 29 May 2026 12:01:13 +0000</pubDate>
    </item>
    <item>
      <title>be5fb371-194e-401c-9c22-5404cbcbbaad</title>
      <link>https://vulnerability.circl.lu/sighting/be5fb371-194e-401c-9c22-5404cbcbbaad/export</link>
      <description>{"uuid": "be5fb371-194e-401c-9c22-5404cbcbbaad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42499", "type": "seen", "source": "https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mmvxxxwjde2y", "content": "\n\ud83d\udea8 New HIGH CVE detected in AWS Lambda \ud83d\udea8\nCVE-2026-42499 impacts libcap in 20 Lambda base images.\n\nDetails: https://github.com/aws/aws-lambda-base-images/issues/537\nMore: https://lambdawatchdog.com/\n\n#AWS #Lambda #CVE #CloudSecurity #Serverless", "creation_timestamp": "2026-05-28T12:01:10.362856Z"}</description>
      <content:encoded>{"uuid": "be5fb371-194e-401c-9c22-5404cbcbbaad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42499", "type": "seen", "source": "https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mmvxxxwjde2y", "content": "\n\ud83d\udea8 New HIGH CVE detected in AWS Lambda \ud83d\udea8\nCVE-2026-42499 impacts libcap in 20 Lambda base images.\n\nDetails: https://github.com/aws/aws-lambda-base-images/issues/537\nMore: https://lambdawatchdog.com/\n\n#AWS #Lambda #CVE #CloudSecurity #Serverless", "creation_timestamp": "2026-05-28T12:01:10.362856Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/be5fb371-194e-401c-9c22-5404cbcbbaad/export</guid>
      <pubDate>Thu, 28 May 2026 12:01:10 +0000</pubDate>
    </item>
    <item>
      <title>82e6f1b7-06c9-43bb-9675-b331cf02161e</title>
      <link>https://vulnerability.circl.lu/sighting/82e6f1b7-06c9-43bb-9675-b331cf02161e/export</link>
      <description>{"uuid": "82e6f1b7-06c9-43bb-9675-b331cf02161e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42497", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mmqmnt47gt2b", "content": "CVE-2026-42497: Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory", "creation_timestamp": "2026-05-26T08:55:19.933305Z"}</description>
      <content:encoded>{"uuid": "82e6f1b7-06c9-43bb-9675-b331cf02161e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42497", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mmqmnt47gt2b", "content": "CVE-2026-42497: Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory", "creation_timestamp": "2026-05-26T08:55:19.933305Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/82e6f1b7-06c9-43bb-9675-b331cf02161e/export</guid>
      <pubDate>Tue, 26 May 2026 08:55:19 +0000</pubDate>
    </item>
    <item>
      <title>1842dca3-967f-48d4-90bf-aa52d7960cd5</title>
      <link>https://vulnerability.circl.lu/sighting/1842dca3-967f-48d4-90bf-aa52d7960cd5/export</link>
      <description>{"uuid": "1842dca3-967f-48d4-90bf-aa52d7960cd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42496", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mmqmdp566n25", "content": "CVE-2026-42496: Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory", "creation_timestamp": "2026-05-26T08:49:40.075365Z"}</description>
      <content:encoded>{"uuid": "1842dca3-967f-48d4-90bf-aa52d7960cd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42496", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mmqmdp566n25", "content": "CVE-2026-42496: Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory", "creation_timestamp": "2026-05-26T08:49:40.075365Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1842dca3-967f-48d4-90bf-aa52d7960cd5/export</guid>
      <pubDate>Tue, 26 May 2026 08:49:40 +0000</pubDate>
    </item>
  </channel>
</rss>
