Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 05 Jun 2026 07:58:39 +0000 a97caeaf-1a82-40e4-8b31-dcd8a4b6002c https://vulnerability.circl.lu/sighting/a97caeaf-1a82-40e4-8b31-dcd8a4b6002c/export {"uuid": "a97caeaf-1a82-40e4-8b31-dcd8a4b6002c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-49185", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116689956169057665", "content": "\u26a0\ufe0f CVE-2026-49185: Acer Connect M6E 5G WiFi Router has a CRITICAL OS command injection bug (CVSS 10). Remote, unauthenticated exploitation possible. No patch available \u2014 limit exposure & monitor vendor updates. https://radar.offseq.com/threat/cve-2026-49185-cwe-78-improper-neutralization-of-s-b208b2de #OffSeq #CVE202649185 #Infosec #Vuln", "creation_timestamp": "2026-06-04T04:30:27.623306Z"} {"uuid": "a97caeaf-1a82-40e4-8b31-dcd8a4b6002c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-49185", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116689956169057665", "content": "\u26a0\ufe0f CVE-2026-49185: Acer Connect M6E 5G WiFi Router has a CRITICAL OS command injection bug (CVSS 10). Remote, unauthenticated exploitation possible. No patch available \u2014 limit exposure & monitor vendor updates. https://radar.offseq.com/threat/cve-2026-49185-cwe-78-improper-neutralization-of-s-b208b2de #OffSeq #CVE202649185 #Infosec #Vuln", "creation_timestamp": "2026-06-04T04:30:27.623306Z"} https://vulnerability.circl.lu/sighting/a97caeaf-1a82-40e4-8b31-dcd8a4b6002c/export Thu, 04 Jun 2026 04:30:27 +0000 1a346873-c7a9-47b4-9801-e38ea1e407f2 https://vulnerability.circl.lu/sighting/1a346873-c7a9-47b4-9801-e38ea1e407f2/export {"uuid": "1a346873-c7a9-47b4-9801-e38ea1e407f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-49185", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mngs2jmfpk2q", "content": "CRITICAL: Acer Connect M6E 5G Router has a CVSS 10 OS command injection flaw. Remote attackers can run arbitrary OS commands. No patch \u2014 restrict device from untrusted networks & watch for updates. https://radar.offseq.com/threat/cve-2026-49185-cwe-78-improper-neutralization-of-s-b208b2de #OffSeq...", "creation_timestamp": "2026-06-04T04:30:29.809522Z"} {"uuid": "1a346873-c7a9-47b4-9801-e38ea1e407f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-49185", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mngs2jmfpk2q", "content": "CRITICAL: Acer Connect M6E 5G Router has a CVSS 10 OS command injection flaw. Remote attackers can run arbitrary OS commands. No patch \u2014 restrict device from untrusted networks & watch for updates. https://radar.offseq.com/threat/cve-2026-49185-cwe-78-improper-neutralization-of-s-b208b2de #OffSeq...", "creation_timestamp": "2026-06-04T04:30:29.809522Z"} https://vulnerability.circl.lu/sighting/1a346873-c7a9-47b4-9801-e38ea1e407f2/export Thu, 04 Jun 2026 04:30:29 +0000 e5286442-8783-4b15-ad83-50152662f3af https://vulnerability.circl.lu/sighting/e5286442-8783-4b15-ad83-50152662f3af/export {"uuid": "e5286442-8783-4b15-ad83-50152662f3af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49185", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnh23det5u2k", "content": "CVE-2026-49185 - Instruction Injection via FieldX MDM\nCVE ID : CVE-2026-49185\n \n Published : June 4, 2026, 4:17 a.m. | 2\u00a0hours, 15\u00a0minutes ago\n \n Description : The FieldX MDM adb messaging topic passes unverified payloads directly into\u00a0Runtime.exec(), allowing command/instruct...", "creation_timestamp": "2026-06-04T06:54:06.177011Z"} {"uuid": "e5286442-8783-4b15-ad83-50152662f3af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49185", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnh23det5u2k", "content": "CVE-2026-49185 - Instruction Injection via FieldX MDM\nCVE ID : CVE-2026-49185\n \n Published : June 4, 2026, 4:17 a.m. | 2\u00a0hours, 15\u00a0minutes ago\n \n Description : The FieldX MDM adb messaging topic passes unverified payloads directly into\u00a0Runtime.exec(), allowing command/instruct...", "creation_timestamp": "2026-06-04T06:54:06.177011Z"} https://vulnerability.circl.lu/sighting/e5286442-8783-4b15-ad83-50152662f3af/export Thu, 04 Jun 2026 06:54:06 +0000 a81a7a63-56f6-469c-b559-143d8b71dd92 https://vulnerability.circl.lu/sighting/a81a7a63-56f6-469c-b559-143d8b71dd92/export {"uuid": "a81a7a63-56f6-469c-b559-143d8b71dd92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49187", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnh3hnyo5s2x", "content": "CVE-2026-49187 - Hard-coded APK Resource Credentials & Scepters\nCVE ID : CVE-2026-49187\n \n Published : June 4, 2026, 6:16 a.m. | 16\u00a0minutes ago\n \n Description : The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misu...", "creation_timestamp": "2026-06-04T07:18:53.954770Z"} {"uuid": "a81a7a63-56f6-469c-b559-143d8b71dd92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49187", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnh3hnyo5s2x", "content": "CVE-2026-49187 - Hard-coded APK Resource Credentials & Scepters\nCVE ID : CVE-2026-49187\n \n Published : June 4, 2026, 6:16 a.m. | 16\u00a0minutes ago\n \n Description : The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misu...", "creation_timestamp": "2026-06-04T07:18:53.954770Z"} https://vulnerability.circl.lu/sighting/a81a7a63-56f6-469c-b559-143d8b71dd92/export Thu, 04 Jun 2026 07:18:53 +0000 7a0aee5a-1fac-4904-b63b-1be8f2d93368 https://vulnerability.circl.lu/sighting/7a0aee5a-1fac-4904-b63b-1be8f2d93368/export {"uuid": "7a0aee5a-1fac-4904-b63b-1be8f2d93368", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49186", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnh3yc4mof24", "content": "CVE-2026-49186 - Lack of MQTT Broker Topic Access Control Lists\nCVE ID : CVE-2026-49186\n \n Published : June 4, 2026, 4:17 a.m. | 2\u00a0hours, 15\u00a0minutes ago\n \n Description : The local MQTT broker does not enforce topic-level Access Control Lists (ACLs). This allows any client to s...", "creation_timestamp": "2026-06-04T07:28:11.928680Z"} {"uuid": "7a0aee5a-1fac-4904-b63b-1be8f2d93368", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49186", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnh3yc4mof24", "content": "CVE-2026-49186 - Lack of MQTT Broker Topic Access Control Lists\nCVE ID : CVE-2026-49186\n \n Published : June 4, 2026, 4:17 a.m. | 2\u00a0hours, 15\u00a0minutes ago\n \n Description : The local MQTT broker does not enforce topic-level Access Control Lists (ACLs). This allows any client to s...", "creation_timestamp": "2026-06-04T07:28:11.928680Z"} https://vulnerability.circl.lu/sighting/7a0aee5a-1fac-4904-b63b-1be8f2d93368/export Thu, 04 Jun 2026 07:28:11 +0000 1bc7acba-4f2b-42f4-9ab6-9bfd1298d37e https://vulnerability.circl.lu/sighting/1bc7acba-4f2b-42f4-9ab6-9bfd1298d37e/export {"uuid": "1bc7acba-4f2b-42f4-9ab6-9bfd1298d37e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-49189", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnh44fcjsw2f", "content": "Acer Connect M6E 5G WiFi Router faces a HIGH severity flaw (CVE-2026-49189): local apps can gain admin control. No patch yet \u2014 restrict device access & monitor updates. https://radar.offseq.com/threat/cve-2026-49189-cwe-269-improper-privilege-manageme-7d497fd8 #OffSeq #Acer #Security", "creation_timestamp": "2026-06-04T07:30:29.694579Z"} {"uuid": "1bc7acba-4f2b-42f4-9ab6-9bfd1298d37e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-49189", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnh44fcjsw2f", "content": "Acer Connect M6E 5G WiFi Router faces a HIGH severity flaw (CVE-2026-49189): local apps can gain admin control. No patch yet \u2014 restrict device access & monitor updates. https://radar.offseq.com/threat/cve-2026-49189-cwe-269-improper-privilege-manageme-7d497fd8 #OffSeq #Acer #Security", "creation_timestamp": "2026-06-04T07:30:29.694579Z"} https://vulnerability.circl.lu/sighting/1bc7acba-4f2b-42f4-9ab6-9bfd1298d37e/export Thu, 04 Jun 2026 07:30:29 +0000 24f57448-f025-40c8-99fa-53008d235119 https://vulnerability.circl.lu/sighting/24f57448-f025-40c8-99fa-53008d235119/export {"uuid": "24f57448-f025-40c8-99fa-53008d235119", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-49189", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116690663960529131", "content": "HIGH severity: CVE-2026-49189 in Acer Connect M6E 5G WiFi Router lets unauthorized local apps invoke admin ops via improper privilege management. No patch yet \u2014 restrict local access & monitor for updates. Details: https://radar.offseq.com/threat/cve-2026-49189-cwe-269-improper-privilege-manageme-7d497fd8 #OffSeq #Acer #Vuln #Cybersecurity", "creation_timestamp": "2026-06-04T07:30:37.582621Z"} {"uuid": "24f57448-f025-40c8-99fa-53008d235119", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-49189", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116690663960529131", "content": "HIGH severity: CVE-2026-49189 in Acer Connect M6E 5G WiFi Router lets unauthorized local apps invoke admin ops via improper privilege management. No patch yet \u2014 restrict local access & monitor for updates. Details: https://radar.offseq.com/threat/cve-2026-49189-cwe-269-improper-privilege-manageme-7d497fd8 #OffSeq #Acer #Vuln #Cybersecurity", "creation_timestamp": "2026-06-04T07:30:37.582621Z"} https://vulnerability.circl.lu/sighting/24f57448-f025-40c8-99fa-53008d235119/export Thu, 04 Jun 2026 07:30:37 +0000 af38c5e8-b352-4856-ad9e-4cd6199ac3b4 https://vulnerability.circl.lu/sighting/af38c5e8-b352-4856-ad9e-4cd6199ac3b4/export {"uuid": "af38c5e8-b352-4856-ad9e-4cd6199ac3b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49188", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnh4k7b65v2k", "content": "CVE-2026-49188 - Elevated Root Command Execution via ai_cmd Sockets\nCVE ID : CVE-2026-49188\n \n Published : June 4, 2026, 6:16 a.m. | 16\u00a0minutes ago\n \n Description : The\u00a0ai_cmd\u00a0utility executes with full root permissions. It pipes socket inputs directly to\u00a0popen(), paving the w...", "creation_timestamp": "2026-06-04T07:38:12.592103Z"} {"uuid": "af38c5e8-b352-4856-ad9e-4cd6199ac3b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49188", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnh4k7b65v2k", "content": "CVE-2026-49188 - Elevated Root Command Execution via ai_cmd Sockets\nCVE ID : CVE-2026-49188\n \n Published : June 4, 2026, 6:16 a.m. | 16\u00a0minutes ago\n \n Description : The\u00a0ai_cmd\u00a0utility executes with full root permissions. It pipes socket inputs directly to\u00a0popen(), paving the w...", "creation_timestamp": "2026-06-04T07:38:12.592103Z"} https://vulnerability.circl.lu/sighting/af38c5e8-b352-4856-ad9e-4cd6199ac3b4/export Thu, 04 Jun 2026 07:38:12 +0000 566597f6-334e-4fb1-b709-139ced411ce1 https://vulnerability.circl.lu/sighting/566597f6-334e-4fb1-b709-139ced411ce1/export {"uuid": "566597f6-334e-4fb1-b709-139ced411ce1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49189", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnh4t5pwyz2g", "content": "CVE-2026-49189 - Broadcast Receiver Privilege Escalation\nCVE ID : CVE-2026-49189\n \n Published : June 4, 2026, 6:16 a.m. | 16\u00a0minutes ago\n \n Description : Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke adm...", "creation_timestamp": "2026-06-04T07:43:12.921302Z"} {"uuid": "566597f6-334e-4fb1-b709-139ced411ce1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49189", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnh4t5pwyz2g", "content": "CVE-2026-49189 - Broadcast Receiver Privilege Escalation\nCVE ID : CVE-2026-49189\n \n Published : June 4, 2026, 6:16 a.m. | 16\u00a0minutes ago\n \n Description : Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke adm...", "creation_timestamp": "2026-06-04T07:43:12.921302Z"} https://vulnerability.circl.lu/sighting/566597f6-334e-4fb1-b709-139ced411ce1/export Thu, 04 Jun 2026 07:43:12 +0000 512ac5d8-86d5-497a-ba0a-b98cbb6fe03d https://vulnerability.circl.lu/sighting/512ac5d8-86d5-497a-ba0a-b98cbb6fe03d/export {"uuid": "512ac5d8-86d5-497a-ba0a-b98cbb6fe03d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49185", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116693678894328091", "content": "It is possible to see elevated activities targeting Acer Connect M6E 5G Portable WiFi Router (CVE-2026-49185) https://vuldb.com/vuln/368247/cti", "creation_timestamp": "2026-06-04T20:17:22.686276Z"} {"uuid": "512ac5d8-86d5-497a-ba0a-b98cbb6fe03d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49185", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116693678894328091", "content": "It is possible to see elevated activities targeting Acer Connect M6E 5G Portable WiFi Router (CVE-2026-49185) https://vuldb.com/vuln/368247/cti", "creation_timestamp": "2026-06-04T20:17:22.686276Z"} https://vulnerability.circl.lu/sighting/512ac5d8-86d5-497a-ba0a-b98cbb6fe03d/export Thu, 04 Jun 2026 20:17:22 +0000