https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sat, 06 Jun 2026 00:45:33 +0000 https://vulnerability.circl.lu/sighting/0a2c81d8-eb2a-461a-bde5-39a13bd9d325/export {"uuid": "0a2c81d8-eb2a-461a-bde5-39a13bd9d325", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48207", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mmewkfjyo22j", "content": "CVE-2026-48207: Apache Fory: PyFory ReduceSerializer Incomplete Policy Enforcement", "creation_timestamp": "2026-05-21T17:20:27.138375Z"} {"uuid": "0a2c81d8-eb2a-461a-bde5-39a13bd9d325", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48207", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mmewkfjyo22j", "content": "CVE-2026-48207: Apache Fory: PyFory ReduceSerializer Incomplete Policy Enforcement", "creation_timestamp": "2026-05-21T17:20:27.138375Z"} https://vulnerability.circl.lu/sighting/0a2c81d8-eb2a-461a-bde5-39a13bd9d325/export Thu, 21 May 2026 17:20:27 +0000 https://vulnerability.circl.lu/sighting/d5fa70bc-63b8-433d-b452-1bab1dcf3ee3/export {"uuid": "d5fa70bc-63b8-433d-b452-1bab1dcf3ee3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48207", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmf4gxjw3k2o", "content": "CVE-2026-48207 - Apache Fory: PyFory ReduceSerializer Incomplete Policy Enforcement\nCVE ID : CVE-2026-48207\n \n Published : May 21, 2026, 5:16 p.m. | 1\u00a0hour, 2\u00a0minutes ago\n \n Description : Deserialization of untrusted data in Apache Fory PyFory. PyFory's ReduceSerializer could ...", "creation_timestamp": "2026-05-21T19:05:52.589410Z"} {"uuid": "d5fa70bc-63b8-433d-b452-1bab1dcf3ee3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48207", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmf4gxjw3k2o", "content": "CVE-2026-48207 - Apache Fory: PyFory ReduceSerializer Incomplete Policy Enforcement\nCVE ID : CVE-2026-48207\n \n Published : May 21, 2026, 5:16 p.m. | 1\u00a0hour, 2\u00a0minutes ago\n \n Description : Deserialization of untrusted data in Apache Fory PyFory. PyFory's ReduceSerializer could ...", "creation_timestamp": "2026-05-21T19:05:52.589410Z"} https://vulnerability.circl.lu/sighting/d5fa70bc-63b8-433d-b452-1bab1dcf3ee3/export Thu, 21 May 2026 19:05:52 +0000 https://vulnerability.circl.lu/sighting/c5920a12-d53f-4ac8-b789-8cd885c130d9/export {"uuid": "c5920a12-d53f-4ac8-b789-8cd885c130d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48207", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmf7jhprdt2n", "content": "\ud83d\udd34 CVE-2026-48207 - Critical (9.8)\n\nDeserialization of untrusted data in Apache Fory PyFory. PyFory's ReduceSerializer could bypass d...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-48207/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-21T20:01:11.098097Z"} {"uuid": "c5920a12-d53f-4ac8-b789-8cd885c130d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48207", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmf7jhprdt2n", "content": "\ud83d\udd34 CVE-2026-48207 - Critical (9.8)\n\nDeserialization of untrusted data in Apache Fory PyFory. PyFory's ReduceSerializer could bypass d...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-48207/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-21T20:01:11.098097Z"} https://vulnerability.circl.lu/sighting/c5920a12-d53f-4ac8-b789-8cd885c130d9/export Thu, 21 May 2026 20:01:11 +0000 https://vulnerability.circl.lu/sighting/c28ad8fc-0eb6-4761-828a-5044405ed670/export {"uuid": "c28ad8fc-0eb6-4761-828a-5044405ed670", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48207", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mmfctgmtcc26", "content": "Apache Fory <1.0.0 hit by CRITICAL deserialization bug \u2014 attackers could bypass validation and execute code if strict mode is off. Upgrade to 1.0.0+ now! \ud83d\udea8 https://radar.offseq.com/threat/cve-2026-48207-cwe-502-deserialization-of-untruste-97a80f2c #OffSeq #CVE202648207 #AppSec", "creation_timestamp": "2026-05-21T21:00:13.889401Z"} {"uuid": "c28ad8fc-0eb6-4761-828a-5044405ed670", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48207", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mmfctgmtcc26", "content": "Apache Fory <1.0.0 hit by CRITICAL deserialization bug \u2014 attackers could bypass validation and execute code if strict mode is off. Upgrade to 1.0.0+ now! \ud83d\udea8 https://radar.offseq.com/threat/cve-2026-48207-cwe-502-deserialization-of-untruste-97a80f2c #OffSeq #CVE202648207 #AppSec", "creation_timestamp": "2026-05-21T21:00:13.889401Z"} https://vulnerability.circl.lu/sighting/c28ad8fc-0eb6-4761-828a-5044405ed670/export Thu, 21 May 2026 21:00:13 +0000 https://vulnerability.circl.lu/sighting/ba7b4708-6638-4699-ab10-d730259bcf45/export {"uuid": "ba7b4708-6638-4699-ab10-d730259bcf45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48207", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116614575641457628", "content": "\ud83d\udea8 CRITICAL: CVE-2026-48207 in Apache Fory <1.0.0 \u2014 Deserialization flaw in PyFory ReduceSerializer bypasses DeserializationPolicy, risking RCE if strict mode is off. Upgrade to 1.0.0+ ASAP! https://radar.offseq.com/threat/cve-2026-48207-cwe-502-deserialization-of-untruste-97a80f2c #OffSeq #CVE202648207 #Vulnerability #ApacheFory", "creation_timestamp": "2026-05-21T21:00:19.017391Z"} {"uuid": "ba7b4708-6638-4699-ab10-d730259bcf45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48207", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116614575641457628", "content": "\ud83d\udea8 CRITICAL: CVE-2026-48207 in Apache Fory <1.0.0 \u2014 Deserialization flaw in PyFory ReduceSerializer bypasses DeserializationPolicy, risking RCE if strict mode is off. Upgrade to 1.0.0+ ASAP! https://radar.offseq.com/threat/cve-2026-48207-cwe-502-deserialization-of-untruste-97a80f2c #OffSeq #CVE202648207 #Vulnerability #ApacheFory", "creation_timestamp": "2026-05-21T21:00:19.017391Z"} https://vulnerability.circl.lu/sighting/ba7b4708-6638-4699-ab10-d730259bcf45/export Thu, 21 May 2026 21:00:19 +0000 https://vulnerability.circl.lu/sighting/1e1b9fc4-e4ad-4afb-83a8-558d82e0cc74/export {"uuid": "1e1b9fc4-e4ad-4afb-83a8-558d82e0cc74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48208", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mn7jhzub3w2z", "content": "CVE-2026-48208 - Denial-of-Service via SVG Rendering in Ticket\nCVE ID : CVE-2026-48208\n \n Published : June 1, 2026, 4:16 a.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : An improper neutralization of active SVG content in OTRS or ((OTRS)) Community Edition ticket article renderi...", "creation_timestamp": "2026-06-01T07:08:20.634095Z"} {"uuid": "1e1b9fc4-e4ad-4afb-83a8-558d82e0cc74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48208", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mn7jhzub3w2z", "content": "CVE-2026-48208 - Denial-of-Service via SVG Rendering in Ticket\nCVE ID : CVE-2026-48208\n \n Published : June 1, 2026, 4:16 a.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : An improper neutralization of active SVG content in OTRS or ((OTRS)) Community Edition ticket article renderi...", "creation_timestamp": "2026-06-01T07:08:20.634095Z"} https://vulnerability.circl.lu/sighting/1e1b9fc4-e4ad-4afb-83a8-558d82e0cc74/export Mon, 01 Jun 2026 07:08:20 +0000 https://vulnerability.circl.lu/sighting/a9455ee9-1b09-4e37-ad49-26dc09bfc6f5/export {"uuid": "a9455ee9-1b09-4e37-ad49-26dc09bfc6f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48209", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mn7jtf3e432e", "content": "CVE-2026-48209 - Reflected XSS in authenticated agent context\nCVE ID : CVE-2026-48209\n \n Published : June 1, 2026, 4:16 a.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : An improper neutralization of user-controllable input in OTRS or ((OTRS)) Community Edition ticket handling al...", "creation_timestamp": "2026-06-01T07:14:41.516939Z"} {"uuid": "a9455ee9-1b09-4e37-ad49-26dc09bfc6f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48209", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mn7jtf3e432e", "content": "CVE-2026-48209 - Reflected XSS in authenticated agent context\nCVE ID : CVE-2026-48209\n \n Published : June 1, 2026, 4:16 a.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : An improper neutralization of user-controllable input in OTRS or ((OTRS)) Community Edition ticket handling al...", "creation_timestamp": "2026-06-01T07:14:41.516939Z"} https://vulnerability.circl.lu/sighting/a9455ee9-1b09-4e37-ad49-26dc09bfc6f5/export Mon, 01 Jun 2026 07:14:41 +0000 https://vulnerability.circl.lu/sighting/a0d9eacc-b766-45e3-a35c-161b98c63d3a/export {"uuid": "a0d9eacc-b766-45e3-a35c-161b98c63d3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48208", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/86815", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-48208\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Habuon\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-01 11:44:15\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nThis is POC repo for CVE-2026-48208\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-06-01T12:00:04.000000Z"} {"uuid": "a0d9eacc-b766-45e3-a35c-161b98c63d3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48208", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/86815", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-48208\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Habuon\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-01 11:44:15\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nThis is POC repo for CVE-2026-48208\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-06-01T12:00:04.000000Z"} https://vulnerability.circl.lu/sighting/a0d9eacc-b766-45e3-a35c-161b98c63d3a/export Mon, 01 Jun 2026 12:00:04 +0000 https://vulnerability.circl.lu/sighting/c8e6fda7-547e-4ee4-b2fb-444530c16c90/export {"uuid": "c8e6fda7-547e-4ee4-b2fb-444530c16c90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48207", "type": "seen", "source": "https://bsky.app/profile/keiwork35.bsky.social/post/3mnjyepqdhn25", "content": "\u3010\u7dca\u6025\u3011CVE-2026-48207 Apache Fory\u306b\u6df1\u523b\u306a\u8106\u5f31\u6027\uff5c\u5373\u6642\u5bfe\u5fdc\u304c\u5fc5\u8981\n\nCVE-2026-48207 Apache Fory\u306ePyFory\u306b\u304a\u3044\u3066\u3001\u4fe1\u983c\u3067\u304d\u306a\u3044\u30c7\u30fc\u30bf\u306e\u9006\u30b7\u30ea\u30a2\u30eb\u5316\u304c\u767a\u751f\u3059\u308b\u8106\u5f31\u6027\u304c\u3042\u308a\u307e\u3059\u3002", "creation_timestamp": "2026-06-05T11:01:32.764166Z"} {"uuid": "c8e6fda7-547e-4ee4-b2fb-444530c16c90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48207", "type": "seen", "source": "https://bsky.app/profile/keiwork35.bsky.social/post/3mnjyepqdhn25", "content": "\u3010\u7dca\u6025\u3011CVE-2026-48207 Apache Fory\u306b\u6df1\u523b\u306a\u8106\u5f31\u6027\uff5c\u5373\u6642\u5bfe\u5fdc\u304c\u5fc5\u8981\n\nCVE-2026-48207 Apache Fory\u306ePyFory\u306b\u304a\u3044\u3066\u3001\u4fe1\u983c\u3067\u304d\u306a\u3044\u30c7\u30fc\u30bf\u306e\u9006\u30b7\u30ea\u30a2\u30eb\u5316\u304c\u767a\u751f\u3059\u308b\u8106\u5f31\u6027\u304c\u3042\u308a\u307e\u3059\u3002", "creation_timestamp": "2026-06-05T11:01:32.764166Z"} https://vulnerability.circl.lu/sighting/c8e6fda7-547e-4ee4-b2fb-444530c16c90/export Fri, 05 Jun 2026 11:01:32 +0000 https://vulnerability.circl.lu/sighting/d6881fdb-c3a3-4eed-9383-67697f7edff2/export {"uuid": "d6881fdb-c3a3-4eed-9383-67697f7edff2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48207", "type": "seen", "source": "https://bsky.app/profile/keiwork35.bsky.social/post/3mnjyepqdhn25", "content": "\u3010\u7dca\u6025\u3011CVE-2026-48207 Apache Fory\u306b\u6df1\u523b\u306a\u8106\u5f31\u6027\uff5c\u5373\u6642\u5bfe\u5fdc\u304c\u5fc5\u8981\n\nCVE-2026-48207 Apache Fory\u306ePyFory\u306b\u304a\u3044\u3066\u3001\u4fe1\u983c\u3067\u304d\u306a\u3044\u30c7\u30fc\u30bf\u306e\u9006\u30b7\u30ea\u30a2\u30eb\u5316\u304c\u767a\u751f\u3059\u308b\u8106\u5f31\u6027\u304c\u3042\u308a\u307e\u3059\u3002", "creation_timestamp": "2026-06-05T11:01:32.777086Z"} {"uuid": "d6881fdb-c3a3-4eed-9383-67697f7edff2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48207", "type": "seen", "source": "https://bsky.app/profile/keiwork35.bsky.social/post/3mnjyepqdhn25", "content": "\u3010\u7dca\u6025\u3011CVE-2026-48207 Apache Fory\u306b\u6df1\u523b\u306a\u8106\u5f31\u6027\uff5c\u5373\u6642\u5bfe\u5fdc\u304c\u5fc5\u8981\n\nCVE-2026-48207 Apache Fory\u306ePyFory\u306b\u304a\u3044\u3066\u3001\u4fe1\u983c\u3067\u304d\u306a\u3044\u30c7\u30fc\u30bf\u306e\u9006\u30b7\u30ea\u30a2\u30eb\u5316\u304c\u767a\u751f\u3059\u308b\u8106\u5f31\u6027\u304c\u3042\u308a\u307e\u3059\u3002", "creation_timestamp": "2026-06-05T11:01:32.777086Z"} https://vulnerability.circl.lu/sighting/d6881fdb-c3a3-4eed-9383-67697f7edff2/export Fri, 05 Jun 2026 11:01:32 +0000