Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 01 Jun 2026 02:23:28 +0000 f5e537dd-f190-4d94-872f-d8c2f4e5ed93 https://vulnerability.circl.lu/sighting/f5e537dd-f190-4d94-872f-d8c2f4e5ed93/export {"uuid": "f5e537dd-f190-4d94-872f-d8c2f4e5ed93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4852", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mjxj2wb56l2i", "content": "", "creation_timestamp": "2026-04-20T22:24:09.518271Z"} {"uuid": "f5e537dd-f190-4d94-872f-d8c2f4e5ed93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4852", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mjxj2wb56l2i", "content": "", "creation_timestamp": "2026-04-20T22:24:09.518271Z"} https://vulnerability.circl.lu/sighting/f5e537dd-f190-4d94-872f-d8c2f4e5ed93/export Mon, 20 Apr 2026 22:24:09 +0000 bb7c428f-9007-4a4f-90e2-0fac2e5174f5 https://vulnerability.circl.lu/sighting/bb7c428f-9007-4a4f-90e2-0fac2e5174f5/export {"uuid": "bb7c428f-9007-4a4f-90e2-0fac2e5174f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48527", "type": "published-proof-of-concept", "source": "https://github.com/haxtheweb/issues/security/advisories/GHSA-g2g8-95qg-v35h", "content": "", "creation_timestamp": "2026-05-21T20:37:15.000000Z"} {"uuid": "bb7c428f-9007-4a4f-90e2-0fac2e5174f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48527", "type": "published-proof-of-concept", "source": "https://github.com/haxtheweb/issues/security/advisories/GHSA-g2g8-95qg-v35h", "content": "", "creation_timestamp": "2026-05-21T20:37:15.000000Z"} https://vulnerability.circl.lu/sighting/bb7c428f-9007-4a4f-90e2-0fac2e5174f5/export Thu, 21 May 2026 20:37:15 +0000 0dccc110-b203-4a63-b2bc-5ddccbf57c49 https://vulnerability.circl.lu/sighting/0dccc110-b203-4a63-b2bc-5ddccbf57c49/export {"uuid": "0dccc110-b203-4a63-b2bc-5ddccbf57c49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48524", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwjprwno32c", "content": "CVE-2026-48524 - PyJWT: PyJWKClient unbounded JWKS endpoint requests via attacker-controlled kid values (DoS)\nCVE ID : CVE-2026-48524\n \n Published : May 28, 2026, 4:16 p.m. | 15\u00a0minutes ago\n \n Description : PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, P...", "creation_timestamp": "2026-05-28T17:18:42.980532Z"} {"uuid": "0dccc110-b203-4a63-b2bc-5ddccbf57c49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48524", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwjprwno32c", "content": "CVE-2026-48524 - PyJWT: PyJWKClient unbounded JWKS endpoint requests via attacker-controlled kid values (DoS)\nCVE ID : CVE-2026-48524\n \n Published : May 28, 2026, 4:16 p.m. | 15\u00a0minutes ago\n \n Description : PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, P...", "creation_timestamp": "2026-05-28T17:18:42.980532Z"} https://vulnerability.circl.lu/sighting/0dccc110-b203-4a63-b2bc-5ddccbf57c49/export Thu, 28 May 2026 17:18:42 +0000 c45639e4-1719-4798-a87d-e4f9e0da5462 https://vulnerability.circl.lu/sighting/c45639e4-1719-4798-a87d-e4f9e0da5462/export {"uuid": "c45639e4-1719-4798-a87d-e4f9e0da5462", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48526", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwksx74os2e", "content": "CVE-2026-48526 - PyJWT: Public-key JWK accepted as HMAC secret enables forged HS256 tokens when mixed families are allowed\nCVE ID : CVE-2026-48526\n \n Published : May 28, 2026, 4:16 p.m. | 15\u00a0minutes ago\n \n Description : PyJWT is a JSON Web Token implementation in Python. Prior...", "creation_timestamp": "2026-05-28T17:38:22.790548Z"} {"uuid": "c45639e4-1719-4798-a87d-e4f9e0da5462", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48526", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwksx74os2e", "content": "CVE-2026-48526 - PyJWT: Public-key JWK accepted as HMAC secret enables forged HS256 tokens when mixed families are allowed\nCVE ID : CVE-2026-48526\n \n Published : May 28, 2026, 4:16 p.m. | 15\u00a0minutes ago\n \n Description : PyJWT is a JSON Web Token implementation in Python. Prior...", "creation_timestamp": "2026-05-28T17:38:22.790548Z"} https://vulnerability.circl.lu/sighting/c45639e4-1719-4798-a87d-e4f9e0da5462/export Thu, 28 May 2026 17:38:22 +0000 ea056b43-3f36-4023-b0c2-be8378982c6d https://vulnerability.circl.lu/sighting/ea056b43-3f36-4023-b0c2-be8378982c6d/export {"uuid": "ea056b43-3f36-4023-b0c2-be8378982c6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48523", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwl3vmqup2r", "content": "CVE-2026-48523 - PyJWT: Algorithm allow-list bypass when decoding with `PyJWK` / `PyJWKClient` keys\nCVE ID : CVE-2026-48523\n \n Published : May 28, 2026, 4:16 p.m. | 15\u00a0minutes ago\n \n Description : PyJWT is a JSON Web Token implementation in Python. From 2.9.0 to 2.12.1, there ...", "creation_timestamp": "2026-05-28T17:43:23.255339Z"} {"uuid": "ea056b43-3f36-4023-b0c2-be8378982c6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48523", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwl3vmqup2r", "content": "CVE-2026-48523 - PyJWT: Algorithm allow-list bypass when decoding with `PyJWK` / `PyJWKClient` keys\nCVE ID : CVE-2026-48523\n \n Published : May 28, 2026, 4:16 p.m. | 15\u00a0minutes ago\n \n Description : PyJWT is a JSON Web Token implementation in Python. From 2.9.0 to 2.12.1, there ...", "creation_timestamp": "2026-05-28T17:43:23.255339Z"} https://vulnerability.circl.lu/sighting/ea056b43-3f36-4023-b0c2-be8378982c6d/export Thu, 28 May 2026 17:43:23 +0000 6120e7f4-67dc-4baa-9b25-dde308a13b94 https://vulnerability.circl.lu/sighting/6120e7f4-67dc-4baa-9b25-dde308a13b94/export {"uuid": "6120e7f4-67dc-4baa-9b25-dde308a13b94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48525", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwleu26lh2k", "content": "CVE-2026-48525 - PyJWT: Unauthenticated DoS via unbounded Base64URL decoding of unused payload segment in b64=false detached JWS\nCVE ID : CVE-2026-48525\n \n Published : May 28, 2026, 4:16 p.m. | 15\u00a0minutes ago\n \n Description : PyJWT is a JSON Web Token implementation in Python....", "creation_timestamp": "2026-05-28T17:48:23.732898Z"} {"uuid": "6120e7f4-67dc-4baa-9b25-dde308a13b94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48525", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwleu26lh2k", "content": "CVE-2026-48525 - PyJWT: Unauthenticated DoS via unbounded Base64URL decoding of unused payload segment in b64=false detached JWS\nCVE ID : CVE-2026-48525\n \n Published : May 28, 2026, 4:16 p.m. | 15\u00a0minutes ago\n \n Description : PyJWT is a JSON Web Token implementation in Python....", "creation_timestamp": "2026-05-28T17:48:23.732898Z"} https://vulnerability.circl.lu/sighting/6120e7f4-67dc-4baa-9b25-dde308a13b94/export Thu, 28 May 2026 17:48:23 +0000 d412ee9d-9fef-437a-a608-1ad70b95b8e4 https://vulnerability.circl.lu/sighting/d412ee9d-9fef-437a-a608-1ad70b95b8e4/export {"uuid": "d412ee9d-9fef-437a-a608-1ad70b95b8e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48522", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwlnshmtl2k", "content": "CVE-2026-48522 - PyJWKClient: missing scheme allowlist enables SSRF + token forgery via file://, ftp://, data: schemes\nCVE ID : CVE-2026-48522\n \n Published : May 28, 2026, 4:16 p.m. | 15\u00a0minutes ago\n \n Description : PyJWT is a JSON Web Token implementation in Python. Prior to ...", "creation_timestamp": "2026-05-28T17:53:23.839388Z"} {"uuid": "d412ee9d-9fef-437a-a608-1ad70b95b8e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48522", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwlnshmtl2k", "content": "CVE-2026-48522 - PyJWKClient: missing scheme allowlist enables SSRF + token forgery via file://, ftp://, data: schemes\nCVE ID : CVE-2026-48522\n \n Published : May 28, 2026, 4:16 p.m. | 15\u00a0minutes ago\n \n Description : PyJWT is a JSON Web Token implementation in Python. Prior to ...", "creation_timestamp": "2026-05-28T17:53:23.839388Z"} https://vulnerability.circl.lu/sighting/d412ee9d-9fef-437a-a608-1ad70b95b8e4/export Thu, 28 May 2026 17:53:23 +0000 181f84c1-b0ec-4f00-bf6c-d4800f998861 https://vulnerability.circl.lu/sighting/181f84c1-b0ec-4f00-bf6c-d4800f998861/export {"uuid": "181f84c1-b0ec-4f00-bf6c-d4800f998861", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48527", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmyuju2ije22", "content": "CVE-2026-48527 - HaxCMS has a stored Cross-Site Scripting (XSS) bypass in saveNode endpoint\nCVE ID : CVE-2026-48527\n \n Published : May 29, 2026, 1:16 p.m. | 1\u00a0hour, 55\u00a0minutes ago\n \n Description : HAX CMS helps manage microsite universe with PHP or NodeJs backends. Versions up...", "creation_timestamp": "2026-05-29T15:37:37.120252Z"} {"uuid": "181f84c1-b0ec-4f00-bf6c-d4800f998861", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48527", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmyuju2ije22", "content": "CVE-2026-48527 - HaxCMS has a stored Cross-Site Scripting (XSS) bypass in saveNode endpoint\nCVE ID : CVE-2026-48527\n \n Published : May 29, 2026, 1:16 p.m. | 1\u00a0hour, 55\u00a0minutes ago\n \n Description : HAX CMS helps manage microsite universe with PHP or NodeJs backends. Versions up...", "creation_timestamp": "2026-05-29T15:37:37.120252Z"} https://vulnerability.circl.lu/sighting/181f84c1-b0ec-4f00-bf6c-d4800f998861/export Fri, 29 May 2026 15:37:37 +0000 e21227da-aaa1-48de-afda-d908512fbc23 https://vulnerability.circl.lu/sighting/e21227da-aaa1-48de-afda-d908512fbc23/export {"uuid": "e21227da-aaa1-48de-afda-d908512fbc23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48527", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mn45s4mkta2s", "content": "\ud83d\udfe0 CVE-2026-48527 - High (8.7)\n\nHAX CMS helps manage microsite universe with PHP or NodeJs backends. Versions up to and including...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-48527/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-30T23:01:15.705522Z"} {"uuid": "e21227da-aaa1-48de-afda-d908512fbc23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48527", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mn45s4mkta2s", "content": "\ud83d\udfe0 CVE-2026-48527 - High (8.7)\n\nHAX CMS helps manage microsite universe with PHP or NodeJs backends. Versions up to and including...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-48527/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-30T23:01:15.705522Z"} https://vulnerability.circl.lu/sighting/e21227da-aaa1-48de-afda-d908512fbc23/export Sat, 30 May 2026 23:01:15 +0000