<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Wed, 15 Jul 2026 18:40:23 +0000</lastBuildDate>
    <item>
      <title>538f99b4-88d2-4abd-83e7-13c8702f2e25</title>
      <link>https://vulnerability.circl.lu/sighting/538f99b4-88d2-4abd-83e7-13c8702f2e25/export</link>
      <description>{"uuid": "538f99b4-88d2-4abd-83e7-13c8702f2e25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4256", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq7v5f3nus2i", "content": "CVE-2026-4256 - LDAP Injection in PEAKUP's PassGate\nCVE ID : CVE-2026-4256\n \n Published : July 9, 2026, 2:16 p.m. | 16\u00a0minutes ago\n \n Description : Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in PEAKUP Technology Inc. Pass...", "creation_timestamp": "2026-07-09T14:52:43.133925Z"}</description>
      <content:encoded>{"uuid": "538f99b4-88d2-4abd-83e7-13c8702f2e25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4256", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq7v5f3nus2i", "content": "CVE-2026-4256 - LDAP Injection in PEAKUP's PassGate\nCVE ID : CVE-2026-4256\n \n Published : July 9, 2026, 2:16 p.m. | 16\u00a0minutes ago\n \n Description : Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in PEAKUP Technology Inc. Pass...", "creation_timestamp": "2026-07-09T14:52:43.133925Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/538f99b4-88d2-4abd-83e7-13c8702f2e25/export</guid>
      <pubDate>Thu, 09 Jul 2026 14:52:43 +0000</pubDate>
    </item>
    <item>
      <title>eacaa05a-9346-4a05-a951-47f8ff4c426b</title>
      <link>https://vulnerability.circl.lu/sighting/eacaa05a-9346-4a05-a951-47f8ff4c426b/export</link>
      <description>{"uuid": "eacaa05a-9346-4a05-a951-47f8ff4c426b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42562", "type": "seen", "source": "https://gist.github.com/ImTopz/33a987bda3c2850a7e9f373a49b245a7", "content": "# Defensive Analysis: CVE-2026-42562 in Plainpad\n\n## Summary\n\nCVE-2026-42562 is a privilege-management issue in Plainpad, a self-hosted PHP note-taking application. The affected versions are Plainpad releases before 1.1.1.\n\nThe issue is a good example of a common web application mistake: a profile update endpoint accepted a privileged account field from user-controlled input. A low-privilege authenticated user could change role state that should only be controlled by an administrator.\n\nThis is a defensive review note. It does not include exploitation instructions. The goal is to document the affected versions, the authorization boundary, the upstream fix, and practical checks for developers and operators.\n\n## Affected Versions\n\n- Affected: Plainpad versions before 1.1.1\n- Fixed: Plainpad 1.1.1 and later\n\n## Public References\n\n- CVE AWG: https://cveawg.mitre.org/api/cve/CVE-2026-42562\n- NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-42562\n- GitHub Security Advisory: https://github.com/alextselegidis/plainpad/security/advisories/GHSA-pvfv-wvpm-q6f6\n- GitHub issue: https://github.com/alextselegidis/plainpad/issues/138\n- Patch commit: https://github.com/alextselegidis/plainpad/commit/9216a876d27b22c3d9259551636d803f7cb075fc\n- Plainpad 1.1.1 release: https://github.com/alextselegidis/plainpad/releases/tag/1.1.1\n\n## Root Cause Boundary\n\nThe vulnerable boundary was field-level authorization during user profile updates.\n\nIn a web application, it is not enough to check that a user is authenticated before accepting a profile update. The server also has to decide which fields that user is allowed to change. Normal profile fields and privileged role fields should not be treated the same way.\n\nFrom a defensive perspective, the relevant rules are:\n\n- A regular user may update their own profile data.\n- Only an administrator should be able to change administrative role state.\n- Privileged fields should be ignored, rejected, or handled through a separate admin-only path.\n- Server-side authorization must be based on the authenticated actor, not on values supplied by the request body.\n\n## Patch Review\n\nThe upstream patch changes the update path so that the authenticated actor is checked explicitly. It also gates the admin-role assignment behind an administrator check, instead of persisting that field directly from the request.\n\nThe release notes for 1.1.1 call out this fix as a privilege-escalation vulnerability where any authenticated user could grant themselves admin. The same release also includes other hardening work around account recovery and list sorting.\n\nAt a high level, the fix moves Plainpad from:\n\n- user update input can directly affect privileged role state\n\nto:\n\n- only an authenticated administrator can change that privileged field\n\nThat is the right remediation shape. The important fix is not just input validation; it is authorization at the field level.\n\n## Defensive Validation Plan\n\nFor a system you own or are authorized to review:\n\n1. Identify the deployed Plainpad version.\n2. Check whether it is older than 1.1.1.\n3. Review the user update controller for privileged fields accepted from user input.\n4. Upgrade to Plainpad 1.1.1 or later.\n5. Confirm that normal users can still update normal profile fields.\n6. Confirm that normal users cannot change administrative role state.\n7. Review account and audit logs for unexpected role changes.\n\n## Operator Remediation\n\n- Upgrade to Plainpad 1.1.1 or later.\n- Review user accounts for unexpected administrator privileges.\n- Rotate credentials for accounts that had unexpected role changes.\n- Restrict access to the application while updating if compromise is suspected.\n- Add regression tests around field-level authorization for user update endpoints.\n\n## Why This Case Is Useful\n\nThis vulnerability is small enough to reason about clearly, but it represents a real class of web application bug. Many applications protect routes but forget that individual fields inside an allowed request may need separate authorization.\n\nCVE-2026-42562 is a useful reminder that profile update endpoints deserve careful review. The route can be legitimate, the user can be logged in, and the request can still contain fields that the actor should never be allowed to control.\n\n## Attribution\n\nOriginal reporter credit in the GitHub advisory belongs to `QiaoNPC`. This note is an independent defensive analysis and patch-validation summary based on public sources.\n\n## Status\n\nPublished by `ImTopz` for defensive review and CVP verification context.\n", "creation_timestamp": "2026-06-05T14:49:28.000000Z"}</description>
      <content:encoded>{"uuid": "eacaa05a-9346-4a05-a951-47f8ff4c426b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42562", "type": "seen", "source": "https://gist.github.com/ImTopz/33a987bda3c2850a7e9f373a49b245a7", "content": "# Defensive Analysis: CVE-2026-42562 in Plainpad\n\n## Summary\n\nCVE-2026-42562 is a privilege-management issue in Plainpad, a self-hosted PHP note-taking application. The affected versions are Plainpad releases before 1.1.1.\n\nThe issue is a good example of a common web application mistake: a profile update endpoint accepted a privileged account field from user-controlled input. A low-privilege authenticated user could change role state that should only be controlled by an administrator.\n\nThis is a defensive review note. It does not include exploitation instructions. The goal is to document the affected versions, the authorization boundary, the upstream fix, and practical checks for developers and operators.\n\n## Affected Versions\n\n- Affected: Plainpad versions before 1.1.1\n- Fixed: Plainpad 1.1.1 and later\n\n## Public References\n\n- CVE AWG: https://cveawg.mitre.org/api/cve/CVE-2026-42562\n- NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-42562\n- GitHub Security Advisory: https://github.com/alextselegidis/plainpad/security/advisories/GHSA-pvfv-wvpm-q6f6\n- GitHub issue: https://github.com/alextselegidis/plainpad/issues/138\n- Patch commit: https://github.com/alextselegidis/plainpad/commit/9216a876d27b22c3d9259551636d803f7cb075fc\n- Plainpad 1.1.1 release: https://github.com/alextselegidis/plainpad/releases/tag/1.1.1\n\n## Root Cause Boundary\n\nThe vulnerable boundary was field-level authorization during user profile updates.\n\nIn a web application, it is not enough to check that a user is authenticated before accepting a profile update. The server also has to decide which fields that user is allowed to change. Normal profile fields and privileged role fields should not be treated the same way.\n\nFrom a defensive perspective, the relevant rules are:\n\n- A regular user may update their own profile data.\n- Only an administrator should be able to change administrative role state.\n- Privileged fields should be ignored, rejected, or handled through a separate admin-only path.\n- Server-side authorization must be based on the authenticated actor, not on values supplied by the request body.\n\n## Patch Review\n\nThe upstream patch changes the update path so that the authenticated actor is checked explicitly. It also gates the admin-role assignment behind an administrator check, instead of persisting that field directly from the request.\n\nThe release notes for 1.1.1 call out this fix as a privilege-escalation vulnerability where any authenticated user could grant themselves admin. The same release also includes other hardening work around account recovery and list sorting.\n\nAt a high level, the fix moves Plainpad from:\n\n- user update input can directly affect privileged role state\n\nto:\n\n- only an authenticated administrator can change that privileged field\n\nThat is the right remediation shape. The important fix is not just input validation; it is authorization at the field level.\n\n## Defensive Validation Plan\n\nFor a system you own or are authorized to review:\n\n1. Identify the deployed Plainpad version.\n2. Check whether it is older than 1.1.1.\n3. Review the user update controller for privileged fields accepted from user input.\n4. Upgrade to Plainpad 1.1.1 or later.\n5. Confirm that normal users can still update normal profile fields.\n6. Confirm that normal users cannot change administrative role state.\n7. Review account and audit logs for unexpected role changes.\n\n## Operator Remediation\n\n- Upgrade to Plainpad 1.1.1 or later.\n- Review user accounts for unexpected administrator privileges.\n- Rotate credentials for accounts that had unexpected role changes.\n- Restrict access to the application while updating if compromise is suspected.\n- Add regression tests around field-level authorization for user update endpoints.\n\n## Why This Case Is Useful\n\nThis vulnerability is small enough to reason about clearly, but it represents a real class of web application bug. Many applications protect routes but forget that individual fields inside an allowed request may need separate authorization.\n\nCVE-2026-42562 is a useful reminder that profile update endpoints deserve careful review. The route can be legitimate, the user can be logged in, and the request can still contain fields that the actor should never be allowed to control.\n\n## Attribution\n\nOriginal reporter credit in the GitHub advisory belongs to `QiaoNPC`. This note is an independent defensive analysis and patch-validation summary based on public sources.\n\n## Status\n\nPublished by `ImTopz` for defensive review and CVP verification context.\n", "creation_timestamp": "2026-06-05T14:49:28.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/eacaa05a-9346-4a05-a951-47f8ff4c426b/export</guid>
      <pubDate>Fri, 05 Jun 2026 14:49:28 +0000</pubDate>
    </item>
    <item>
      <title>0e2ca2a8-2319-4933-83a9-0b56b8510f7a</title>
      <link>https://vulnerability.circl.lu/sighting/0e2ca2a8-2319-4933-83a9-0b56b8510f7a/export</link>
      <description>{"uuid": "0e2ca2a8-2319-4933-83a9-0b56b8510f7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42569", "type": "seen", "source": "https://gist.github.com/ImTopz/f2594fa5cfbb88d233b74eb182cef5cc", "content": "# Defensive Analysis: CVE-2026-42569 in phpVMS\n\n## Summary\n\nCVE-2026-42569 is a critical access-control issue in phpVMS, a PHP application used for virtual airline management. The affected versions are phpVMS releases before 7.0.6. The issue involved unauthenticated access to a deprecated legacy import feature that should not have remained reachable through normal web routing.\n\nThe impact is serious because importer and migration features can change application data. If that surface is exposed without authentication or authorization, operators can lose data integrity and availability. GitHub's advisory rates the issue as CVSS 3.1 9.4 Critical and maps it to CWE-284, CWE-306, and CWE-862.\n\nThis is a defensive review note. It does not include exploitation instructions. My goal is to document the affected versions, the failed trust boundary, the upstream fix, and practical checks operators can make after updating.\n\n## Affected Versions\n\n- Affected: phpVMS versions before 7.0.6\n- Fixed: phpVMS 7.0.6 and later\n- Follow-up release: 7.0.7\n\n## Public References\n\n- CVE AWG: https://cveawg.mitre.org/api/cve/CVE-2026-42569\n- NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-42569\n- GitHub Security Advisory: https://github.com/phpvms/phpvms/security/advisories/GHSA-fv26-4939-62fh\n- GitHub Advisory Database: https://github.com/advisories/GHSA-fv26-4939-62fh\n- Patch commit: https://github.com/phpvms/phpvms/commit/f59ba8e0e8fc25c60c3faf14e526cfd49df3f7dc\n- phpVMS 7.0.6 release: https://github.com/phpvms/phpvms/releases/tag/7.0.6\n- phpVMS 7.0.7 release: https://github.com/phpvms/phpvms/releases/tag/7.0.7\n\n## Root Cause Boundary\n\nThis was an access-control failure around legacy web-facing importer functionality. It was not a browser-side script issue or a memory-corruption issue.\n\nThe important boundary is straightforward:\n\n- Migration and importer features should not remain exposed in normal production routes.\n- Critical data-changing paths must require authentication and authorization.\n- Deprecated setup or compatibility code should be removed, disabled by default, or protected behind an explicit operator-controlled gate.\n\nThe upstream advisory states that parts of the deprecated importer remained accessible and operational. The fix removes that web-facing importer exposure.\n\n## Patch Review\n\nThe patch commit removes the route mapping for the legacy importer and deletes associated importer views. The 7.0.6 release notes point to the advisory and state that the web-facing importer was removed. The 7.0.7 release repeats the advisory link and includes follow-up hardening around the installer.\n\nAt a high level, the fix moves phpVMS from:\n\n- legacy importer routes registered in the web application\n\nto:\n\n- legacy importer no longer exposed through web-facing routes\n\nThat is the right remediation shape for deprecated critical functionality. Removing the reachable surface is cleaner than trying to preserve it and add partial checks afterward.\n\n## Defensive Validation Plan\n\nFor a system you own or are authorized to review:\n\n1. Identify the deployed phpVMS version.\n2. Check whether it is older than 7.0.6.\n3. Review route registration or deployed release contents for legacy importer exposure.\n4. Upgrade to 7.0.6 or later, preferably 7.0.7 or newer.\n5. Confirm that the legacy importer is no longer web-facing.\n6. Review logs for unexpected access attempts to legacy importer paths.\n7. Back up application data before and after remediation.\n\n## Operator Remediation\n\n- Upgrade to phpVMS 7.0.6 or later.\n- Prefer the latest available 7.x release if it is compatible with the deployment.\n- If immediate upgrade is not possible, follow the mitigation guidance linked from the 7.0.6 / 7.0.7 release notes.\n- Restrict administrative, installer, importer, and migration paths at the web server or reverse proxy layer.\n- Review application logs for access to deprecated importer endpoints.\n- Keep backups available before making production changes.\n\n## Why This Case Is Useful\n\nAccess-control failures around legacy functionality are easy to miss in mature web applications. The primary login flow can be correct while an older installer, importer, debug route, or migration path remains reachable.\n\nCVE-2026-42569 is a compact example of why web application review needs both code review and deployment review. Code review catches route exposure and missing middleware. Deployment review catches whether deprecated paths are reachable in real environments. Patch review confirms whether the fix removes the exposed surface instead of only hiding it.\n\n## Attribution\n\nOriginal reporter credit in the GitHub advisory belongs to `peter-bosch`. This note is an independent defensive analysis and patch-validation summary based on public sources.\n\n## Status\n\nPublished by `ImTopz` for defensive review and CVP verification context.\n", "creation_timestamp": "2026-06-05T14:32:56.000000Z"}</description>
      <content:encoded>{"uuid": "0e2ca2a8-2319-4933-83a9-0b56b8510f7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42569", "type": "seen", "source": "https://gist.github.com/ImTopz/f2594fa5cfbb88d233b74eb182cef5cc", "content": "# Defensive Analysis: CVE-2026-42569 in phpVMS\n\n## Summary\n\nCVE-2026-42569 is a critical access-control issue in phpVMS, a PHP application used for virtual airline management. The affected versions are phpVMS releases before 7.0.6. The issue involved unauthenticated access to a deprecated legacy import feature that should not have remained reachable through normal web routing.\n\nThe impact is serious because importer and migration features can change application data. If that surface is exposed without authentication or authorization, operators can lose data integrity and availability. GitHub's advisory rates the issue as CVSS 3.1 9.4 Critical and maps it to CWE-284, CWE-306, and CWE-862.\n\nThis is a defensive review note. It does not include exploitation instructions. My goal is to document the affected versions, the failed trust boundary, the upstream fix, and practical checks operators can make after updating.\n\n## Affected Versions\n\n- Affected: phpVMS versions before 7.0.6\n- Fixed: phpVMS 7.0.6 and later\n- Follow-up release: 7.0.7\n\n## Public References\n\n- CVE AWG: https://cveawg.mitre.org/api/cve/CVE-2026-42569\n- NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-42569\n- GitHub Security Advisory: https://github.com/phpvms/phpvms/security/advisories/GHSA-fv26-4939-62fh\n- GitHub Advisory Database: https://github.com/advisories/GHSA-fv26-4939-62fh\n- Patch commit: https://github.com/phpvms/phpvms/commit/f59ba8e0e8fc25c60c3faf14e526cfd49df3f7dc\n- phpVMS 7.0.6 release: https://github.com/phpvms/phpvms/releases/tag/7.0.6\n- phpVMS 7.0.7 release: https://github.com/phpvms/phpvms/releases/tag/7.0.7\n\n## Root Cause Boundary\n\nThis was an access-control failure around legacy web-facing importer functionality. It was not a browser-side script issue or a memory-corruption issue.\n\nThe important boundary is straightforward:\n\n- Migration and importer features should not remain exposed in normal production routes.\n- Critical data-changing paths must require authentication and authorization.\n- Deprecated setup or compatibility code should be removed, disabled by default, or protected behind an explicit operator-controlled gate.\n\nThe upstream advisory states that parts of the deprecated importer remained accessible and operational. The fix removes that web-facing importer exposure.\n\n## Patch Review\n\nThe patch commit removes the route mapping for the legacy importer and deletes associated importer views. The 7.0.6 release notes point to the advisory and state that the web-facing importer was removed. The 7.0.7 release repeats the advisory link and includes follow-up hardening around the installer.\n\nAt a high level, the fix moves phpVMS from:\n\n- legacy importer routes registered in the web application\n\nto:\n\n- legacy importer no longer exposed through web-facing routes\n\nThat is the right remediation shape for deprecated critical functionality. Removing the reachable surface is cleaner than trying to preserve it and add partial checks afterward.\n\n## Defensive Validation Plan\n\nFor a system you own or are authorized to review:\n\n1. Identify the deployed phpVMS version.\n2. Check whether it is older than 7.0.6.\n3. Review route registration or deployed release contents for legacy importer exposure.\n4. Upgrade to 7.0.6 or later, preferably 7.0.7 or newer.\n5. Confirm that the legacy importer is no longer web-facing.\n6. Review logs for unexpected access attempts to legacy importer paths.\n7. Back up application data before and after remediation.\n\n## Operator Remediation\n\n- Upgrade to phpVMS 7.0.6 or later.\n- Prefer the latest available 7.x release if it is compatible with the deployment.\n- If immediate upgrade is not possible, follow the mitigation guidance linked from the 7.0.6 / 7.0.7 release notes.\n- Restrict administrative, installer, importer, and migration paths at the web server or reverse proxy layer.\n- Review application logs for access to deprecated importer endpoints.\n- Keep backups available before making production changes.\n\n## Why This Case Is Useful\n\nAccess-control failures around legacy functionality are easy to miss in mature web applications. The primary login flow can be correct while an older installer, importer, debug route, or migration path remains reachable.\n\nCVE-2026-42569 is a compact example of why web application review needs both code review and deployment review. Code review catches route exposure and missing middleware. Deployment review catches whether deprecated paths are reachable in real environments. Patch review confirms whether the fix removes the exposed surface instead of only hiding it.\n\n## Attribution\n\nOriginal reporter credit in the GitHub advisory belongs to `peter-bosch`. This note is an independent defensive analysis and patch-validation summary based on public sources.\n\n## Status\n\nPublished by `ImTopz` for defensive review and CVP verification context.\n", "creation_timestamp": "2026-06-05T14:32:56.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0e2ca2a8-2319-4933-83a9-0b56b8510f7a/export</guid>
      <pubDate>Fri, 05 Jun 2026 14:32:56 +0000</pubDate>
    </item>
    <item>
      <title>38737330-c5aa-417d-8985-9eaa7cded006</title>
      <link>https://vulnerability.circl.lu/sighting/38737330-c5aa-417d-8985-9eaa7cded006/export</link>
      <description>{"uuid": "38737330-c5aa-417d-8985-9eaa7cded006", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42568", "type": "seen", "source": "Telegram/7Ee_ES1995AuZh7L7sqmaK3TqJ83qHuwNNd4oo-aSS2rD4M", "content": "", "creation_timestamp": "2026-05-29T21:00:04.000000Z"}</description>
      <content:encoded>{"uuid": "38737330-c5aa-417d-8985-9eaa7cded006", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42568", "type": "seen", "source": "Telegram/7Ee_ES1995AuZh7L7sqmaK3TqJ83qHuwNNd4oo-aSS2rD4M", "content": "", "creation_timestamp": "2026-05-29T21:00:04.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/38737330-c5aa-417d-8985-9eaa7cded006/export</guid>
      <pubDate>Fri, 29 May 2026 21:00:04 +0000</pubDate>
    </item>
    <item>
      <title>a4f260af-4038-4ca7-9631-c00174ed1a40</title>
      <link>https://vulnerability.circl.lu/sighting/a4f260af-4038-4ca7-9631-c00174ed1a40/export</link>
      <description>{"uuid": "a4f260af-4038-4ca7-9631-c00174ed1a40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42568", "type": "seen", "source": "Telegram/a86W4JR7O--z7UEFDSjPGooPu8cJg6Qw5misZZ2a8xOkaUM", "content": "", "creation_timestamp": "2026-05-29T15:00:15.000000Z"}</description>
      <content:encoded>{"uuid": "a4f260af-4038-4ca7-9631-c00174ed1a40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42568", "type": "seen", "source": "Telegram/a86W4JR7O--z7UEFDSjPGooPu8cJg6Qw5misZZ2a8xOkaUM", "content": "", "creation_timestamp": "2026-05-29T15:00:15.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a4f260af-4038-4ca7-9631-c00174ed1a40/export</guid>
      <pubDate>Fri, 29 May 2026 15:00:15 +0000</pubDate>
    </item>
    <item>
      <title>2038fec4-ae0e-4046-be99-242e7aada131</title>
      <link>https://vulnerability.circl.lu/sighting/2038fec4-ae0e-4046-be99-242e7aada131/export</link>
      <description>{"uuid": "2038fec4-ae0e-4046-be99-242e7aada131", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42563", "type": "published-proof-of-concept", "source": "https://github.com/jelmer/dulwich/security/advisories/GHSA-9277-mp7x-85jf", "content": "", "creation_timestamp": "2026-05-28T21:43:22.000000Z"}</description>
      <content:encoded>{"uuid": "2038fec4-ae0e-4046-be99-242e7aada131", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42563", "type": "published-proof-of-concept", "source": "https://github.com/jelmer/dulwich/security/advisories/GHSA-9277-mp7x-85jf", "content": "", "creation_timestamp": "2026-05-28T21:43:22.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/2038fec4-ae0e-4046-be99-242e7aada131/export</guid>
      <pubDate>Thu, 28 May 2026 21:43:22 +0000</pubDate>
    </item>
    <item>
      <title>0e1c3e45-d1fd-4d48-a68d-0cefaeb3bae5</title>
      <link>https://vulnerability.circl.lu/sighting/0e1c3e45-d1fd-4d48-a68d-0cefaeb3bae5/export</link>
      <description>{"uuid": "0e1c3e45-d1fd-4d48-a68d-0cefaeb3bae5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42568", "type": "published-proof-of-concept", "source": "https://github.com/yamcs/yamcs/security/advisories/GHSA-cqh3-jg8p-336j", "content": "", "creation_timestamp": "2026-05-21T15:03:27.000000Z"}</description>
      <content:encoded>{"uuid": "0e1c3e45-d1fd-4d48-a68d-0cefaeb3bae5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42568", "type": "published-proof-of-concept", "source": "https://github.com/yamcs/yamcs/security/advisories/GHSA-cqh3-jg8p-336j", "content": "", "creation_timestamp": "2026-05-21T15:03:27.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0e1c3e45-d1fd-4d48-a68d-0cefaeb3bae5/export</guid>
      <pubDate>Thu, 21 May 2026 15:03:27 +0000</pubDate>
    </item>
    <item>
      <title>422acaac-15e0-49a1-8ff5-a447021a82ce</title>
      <link>https://vulnerability.circl.lu/sighting/422acaac-15e0-49a1-8ff5-a447021a82ce/export</link>
      <description>{"uuid": "422acaac-15e0-49a1-8ff5-a447021a82ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42561", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlrmbeggip2h", "content": "CVE-2026-42561 - Python-Multipart: Denial of Service via unbounded multipart part headers\nCVE ID : CVE-2026-42561\n \n Published : May 13, 2026, 9:16 p.m. | 15\u00a0minutes ago\n \n Description : Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.27, python-multi...", "creation_timestamp": "2026-05-14T00:55:50.262137Z"}</description>
      <content:encoded>{"uuid": "422acaac-15e0-49a1-8ff5-a447021a82ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42561", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlrmbeggip2h", "content": "CVE-2026-42561 - Python-Multipart: Denial of Service via unbounded multipart part headers\nCVE ID : CVE-2026-42561\n \n Published : May 13, 2026, 9:16 p.m. | 15\u00a0minutes ago\n \n Description : Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.27, python-multi...", "creation_timestamp": "2026-05-14T00:55:50.262137Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/422acaac-15e0-49a1-8ff5-a447021a82ce/export</guid>
      <pubDate>Thu, 14 May 2026 00:55:50 +0000</pubDate>
    </item>
    <item>
      <title>8e734b68-2fed-4678-972b-85feab0df162</title>
      <link>https://vulnerability.circl.lu/sighting/8e734b68-2fed-4678-972b-85feab0df162/export</link>
      <description>{"uuid": "8e734b68-2fed-4678-972b-85feab0df162", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42564", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mln34rilvd2c", "content": "\ud83d\udfe0 CVE-2026-42564 - High (8.2)\n\njotty\u00b7page is a self-hosted app for your checklists and notes. Prior to 1.22.0, an unauthenticat...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42564/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-12T05:38:24.446145Z"}</description>
      <content:encoded>{"uuid": "8e734b68-2fed-4678-972b-85feab0df162", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42564", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mln34rilvd2c", "content": "\ud83d\udfe0 CVE-2026-42564 - High (8.2)\n\njotty\u00b7page is a self-hosted app for your checklists and notes. Prior to 1.22.0, an unauthenticat...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42564/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-12T05:38:24.446145Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/8e734b68-2fed-4678-972b-85feab0df162/export</guid>
      <pubDate>Tue, 12 May 2026 05:38:24 +0000</pubDate>
    </item>
    <item>
      <title>d50dbe17-2b28-48bc-8442-a1a7ffcb8f85</title>
      <link>https://vulnerability.circl.lu/sighting/d50dbe17-2b28-48bc-8442-a1a7ffcb8f85/export</link>
      <description>{"uuid": "d50dbe17-2b28-48bc-8442-a1a7ffcb8f85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42569", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-42569.yaml", "content": "", "creation_timestamp": "2026-05-12T02:44:07.000000Z"}</description>
      <content:encoded>{"uuid": "d50dbe17-2b28-48bc-8442-a1a7ffcb8f85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42569", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-42569.yaml", "content": "", "creation_timestamp": "2026-05-12T02:44:07.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d50dbe17-2b28-48bc-8442-a1a7ffcb8f85/export</guid>
      <pubDate>Tue, 12 May 2026 02:44:07 +0000</pubDate>
    </item>
  </channel>
</rss>
