https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 04 Jun 2026 17:52:59 +0000 https://vulnerability.circl.lu/sighting/590a7519-2813-4f5f-a125-7ecc6d13edb5/export {"uuid": "590a7519-2813-4f5f-a125-7ecc6d13edb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42523", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mkorqf3ol323", "content": "Jenkins GitHub Plugin \u22641.46.0 hit by CRITICAL XSS (CVE-2026-42523). Authenticated users can inject malicious JS. Restrict permissions & monitor activity. Patch pending \u2014 see vendor advisory. https://radar.offseq.com/threat/cve-2026-42523-vulnerability-in-jenkins-project-je-d7de8e87 #OffSeq #Jenki...", "creation_timestamp": "2026-04-30T04:30:32.975574Z"} {"uuid": "590a7519-2813-4f5f-a125-7ecc6d13edb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42523", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mkorqf3ol323", "content": "Jenkins GitHub Plugin \u22641.46.0 hit by CRITICAL XSS (CVE-2026-42523). Authenticated users can inject malicious JS. Restrict permissions & monitor activity. Patch pending \u2014 see vendor advisory. https://radar.offseq.com/threat/cve-2026-42523-vulnerability-in-jenkins-project-je-d7de8e87 #OffSeq #Jenki...", "creation_timestamp": "2026-04-30T04:30:32.975574Z"} https://vulnerability.circl.lu/sighting/590a7519-2813-4f5f-a125-7ecc6d13edb5/export Thu, 30 Apr 2026 04:30:32 +0000 https://vulnerability.circl.lu/sighting/b4e6e87b-bdb2-42bb-a2a5-63d3612b0616/export {"uuid": "b4e6e87b-bdb2-42bb-a2a5-63d3612b0616", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42523", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116491775490142620", "content": "\ud83d\udea8 CRITICAL: Jenkins GitHub Plugin \u22641.46.0 has a stored XSS (CVE-2026-42523). Attackers with Overall/Read permission can run JS in users' browsers. Limit permissions & check vendor for patches. https://radar.offseq.com/threat/cve-2026-42523-vulnerability-in-jenkins-project-je-d7de8e87 #OffSeq #Jenkins #XSS #Vuln", "creation_timestamp": "2026-04-30T04:30:43.966268Z"} {"uuid": "b4e6e87b-bdb2-42bb-a2a5-63d3612b0616", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42523", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116491775490142620", "content": "\ud83d\udea8 CRITICAL: Jenkins GitHub Plugin \u22641.46.0 has a stored XSS (CVE-2026-42523). Attackers with Overall/Read permission can run JS in users' browsers. Limit permissions & check vendor for patches. https://radar.offseq.com/threat/cve-2026-42523-vulnerability-in-jenkins-project-je-d7de8e87 #OffSeq #Jenkins #XSS #Vuln", "creation_timestamp": "2026-04-30T04:30:43.966268Z"} https://vulnerability.circl.lu/sighting/b4e6e87b-bdb2-42bb-a2a5-63d3612b0616/export Thu, 30 Apr 2026 04:30:43 +0000 https://vulnerability.circl.lu/sighting/68d503cc-6b23-4664-9d13-1afefb20e934/export {"uuid": "68d503cc-6b23-4664-9d13-1afefb20e934", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42520", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mkqmsdd5lr2n", "content": "\ud83d\udfe0 CVE-2026-42520 - High (7.5)\n\nJenkins Credentials Binding Plugin 719.v80e905ef14eb_ and earlier does not sanitize file names fo...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42520/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-04-30T22:07:28.466945Z"} {"uuid": "68d503cc-6b23-4664-9d13-1afefb20e934", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42520", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mkqmsdd5lr2n", "content": "\ud83d\udfe0 CVE-2026-42520 - High (7.5)\n\nJenkins Credentials Binding Plugin 719.v80e905ef14eb_ and earlier does not sanitize file names fo...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42520/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-04-30T22:07:28.466945Z"} https://vulnerability.circl.lu/sighting/68d503cc-6b23-4664-9d13-1afefb20e934/export Thu, 30 Apr 2026 22:07:28 +0000 https://vulnerability.circl.lu/sighting/904b37fb-a01f-4c43-b52b-fc1f410d29e1/export {"uuid": "904b37fb-a01f-4c43-b52b-fc1f410d29e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42523", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mkqmskn7yy2z", "content": "\ud83d\udd34 CVE-2026-42523 - Critical (9)\n\nJenkins GitHub Plugin 1.46.0 and earlier improperly processes the current job URL as part of Java...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42523/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-04-30T22:07:35.976922Z"} {"uuid": "904b37fb-a01f-4c43-b52b-fc1f410d29e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42523", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mkqmskn7yy2z", "content": "\ud83d\udd34 CVE-2026-42523 - Critical (9)\n\nJenkins GitHub Plugin 1.46.0 and earlier improperly processes the current job URL as part of Java...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42523/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-04-30T22:07:35.976922Z"} https://vulnerability.circl.lu/sighting/904b37fb-a01f-4c43-b52b-fc1f410d29e1/export Thu, 30 Apr 2026 22:07:35 +0000 https://vulnerability.circl.lu/sighting/a70687f5-9ce6-4f01-89e9-df73aa543211/export {"uuid": "a70687f5-9ce6-4f01-89e9-df73aa543211", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42524", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mkqmssaozi2z", "content": "\ud83d\udfe0 CVE-2026-42524 - High (8)\n\nJenkins HTML Publisher Plugin 427 and earlier does not escape job name and URL in the legacy wrap...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42524/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-04-30T22:07:43.891399Z"} {"uuid": "a70687f5-9ce6-4f01-89e9-df73aa543211", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42524", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mkqmssaozi2z", "content": "\ud83d\udfe0 CVE-2026-42524 - High (8)\n\nJenkins HTML Publisher Plugin 427 and earlier does not escape job name and URL in the legacy wrap...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42524/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-04-30T22:07:43.891399Z"} https://vulnerability.circl.lu/sighting/a70687f5-9ce6-4f01-89e9-df73aa543211/export Thu, 30 Apr 2026 22:07:43 +0000 https://vulnerability.circl.lu/sighting/dcf3229f-482c-41aa-9db1-226dfd680da6/export {"uuid": "dcf3229f-482c-41aa-9db1-226dfd680da6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42524", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3ml574cgbfw2r", "content": "\ud83d\udccc CVE-2026-42524 - Jenkins HTML Publisher Plugin 427 and earlier does not escape job name and URL in the legacy wrapper file, resulting in a stored cross-site scripting ... https://www.cyberhub.blog/cves/CVE-2026-42524", "creation_timestamp": "2026-05-05T22:07:06.646586Z"} {"uuid": "dcf3229f-482c-41aa-9db1-226dfd680da6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42524", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3ml574cgbfw2r", "content": "\ud83d\udccc CVE-2026-42524 - Jenkins HTML Publisher Plugin 427 and earlier does not escape job name and URL in the legacy wrapper file, resulting in a stored cross-site scripting ... https://www.cyberhub.blog/cves/CVE-2026-42524", "creation_timestamp": "2026-05-05T22:07:06.646586Z"} https://vulnerability.circl.lu/sighting/dcf3229f-482c-41aa-9db1-226dfd680da6/export Tue, 05 May 2026 22:07:06 +0000 https://vulnerability.circl.lu/sighting/62b57abc-30e2-4251-8638-5530c472f213/export {"uuid": "62b57abc-30e2-4251-8638-5530c472f213", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42523", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3ml5zwmlcjd25", "content": "\ud83d\udccc CVE-2026-42523 - Jenkins GitHub Plugin 1.46.0 and earlier improperly processes the current job URL as part of JavaScript implementing validation of the feature \"GitHub... https://www.cyberhub.blog/cves/CVE-2026-42523", "creation_timestamp": "2026-05-06T06:07:07.363795Z"} {"uuid": "62b57abc-30e2-4251-8638-5530c472f213", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42523", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3ml5zwmlcjd25", "content": "\ud83d\udccc CVE-2026-42523 - Jenkins GitHub Plugin 1.46.0 and earlier improperly processes the current job URL as part of JavaScript implementing validation of the feature \"GitHub... https://www.cyberhub.blog/cves/CVE-2026-42523", "creation_timestamp": "2026-05-06T06:07:07.363795Z"} https://vulnerability.circl.lu/sighting/62b57abc-30e2-4251-8638-5530c472f213/export Wed, 06 May 2026 06:07:07 +0000 https://vulnerability.circl.lu/sighting/4393f11d-ce2c-472a-89e8-5ded2fc0a235/export {"uuid": "4393f11d-ce2c-472a-89e8-5ded2fc0a235", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42523", "type": "seen", "source": "https://bsky.app/profile/keiwork35.bsky.social/post/3mlqeqeikhi22", "content": "\u3010\u8106\u5f31\u6027\u60c5\u5831\u3011 CVE-2026-42523 Jenkins GitHub\u00a0Plugin\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\n\nJenkins GitHub Plugin 1.46.0\u4ee5\u524d\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u306f\u3001\"GitHub hook trigger for GITScm polling\"\u6a5f\u80fd\u306e\u691c\u8a3c\u3092\u5b9f\u88c5\u3059\u308bJavaScript\u306e\u4e00\u90e8\u3068\u3057\u3066\u3001", "creation_timestamp": "2026-05-13T13:08:23.742991Z"} {"uuid": "4393f11d-ce2c-472a-89e8-5ded2fc0a235", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42523", "type": "seen", "source": "https://bsky.app/profile/keiwork35.bsky.social/post/3mlqeqeikhi22", "content": "\u3010\u8106\u5f31\u6027\u60c5\u5831\u3011 CVE-2026-42523 Jenkins GitHub\u00a0Plugin\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\n\nJenkins GitHub Plugin 1.46.0\u4ee5\u524d\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u306f\u3001\"GitHub hook trigger for GITScm polling\"\u6a5f\u80fd\u306e\u691c\u8a3c\u3092\u5b9f\u88c5\u3059\u308bJavaScript\u306e\u4e00\u90e8\u3068\u3057\u3066\u3001", "creation_timestamp": "2026-05-13T13:08:23.742991Z"} https://vulnerability.circl.lu/sighting/4393f11d-ce2c-472a-89e8-5ded2fc0a235/export Wed, 13 May 2026 13:08:23 +0000 https://vulnerability.circl.lu/sighting/247696c8-6316-4fe4-92f8-596f765ffae9/export {"uuid": "247696c8-6316-4fe4-92f8-596f765ffae9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42526", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mma4tie6mk25", "content": "CVE-2026-42526: Apache Airflow Amazon provider: Prevent unauthorized access to team-scoped secrets in AWS Secrets Manager and SSM Parameter Store backends", "creation_timestamp": "2026-05-19T19:29:34.343945Z"} {"uuid": "247696c8-6316-4fe4-92f8-596f765ffae9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42526", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mma4tie6mk25", "content": "CVE-2026-42526: Apache Airflow Amazon provider: Prevent unauthorized access to team-scoped secrets in AWS Secrets Manager and SSM Parameter Store backends", "creation_timestamp": "2026-05-19T19:29:34.343945Z"} https://vulnerability.circl.lu/sighting/247696c8-6316-4fe4-92f8-596f765ffae9/export Tue, 19 May 2026 19:29:34 +0000 https://vulnerability.circl.lu/sighting/65c0991e-4188-4b26-a7a4-ee51063b8ee6/export {"uuid": "65c0991e-4188-4b26-a7a4-ee51063b8ee6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42526", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmahaomavt2t", "content": "CVE-2026-42526 - Apache Airflow Amazon provider: Prevent unauthorized access to team-scoped secrets in AWS Secrets Manager and SSM Parameter Store backends\nCVE ID : CVE-2026-42526\n \n Published : May 19, 2026, 8:16 p.m. | 1\u00a0hour, 58\u00a0minutes ago\n \n Description : In the AWS Secre...", "creation_timestamp": "2026-05-19T22:36:07.185048Z"} {"uuid": "65c0991e-4188-4b26-a7a4-ee51063b8ee6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42526", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmahaomavt2t", "content": "CVE-2026-42526 - Apache Airflow Amazon provider: Prevent unauthorized access to team-scoped secrets in AWS Secrets Manager and SSM Parameter Store backends\nCVE ID : CVE-2026-42526\n \n Published : May 19, 2026, 8:16 p.m. | 1\u00a0hour, 58\u00a0minutes ago\n \n Description : In the AWS Secre...", "creation_timestamp": "2026-05-19T22:36:07.185048Z"} https://vulnerability.circl.lu/sighting/65c0991e-4188-4b26-a7a4-ee51063b8ee6/export Tue, 19 May 2026 22:36:07 +0000