https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 22 Jun 2026 04:08:34 +0000 https://vulnerability.circl.lu/sighting/788beff4-f3e2-4600-9491-6117dae9a6b7/export {"uuid": "788beff4-f3e2-4600-9491-6117dae9a6b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56394", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116791170039431358", "content": "CVE-2026-56394: HIGH severity path traversal in Craft CMS 4.0.0-RC1 & 5.0.0-RC1. Authenticated attackers can read local files via assets/icon endpoint. Restrict access & monitor activity. No patch yet. https://radar.offseq.com/threat/cve-2026-56394-improper-limitation-of-a-pathname-t-139f3a46ea00069e #OffSeq #CraftCMS #Vuln #PathTraversal", "creation_timestamp": "2026-06-22T01:30:29.519228Z"} {"uuid": "788beff4-f3e2-4600-9491-6117dae9a6b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56394", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116791170039431358", "content": "CVE-2026-56394: HIGH severity path traversal in Craft CMS 4.0.0-RC1 & 5.0.0-RC1. Authenticated attackers can read local files via assets/icon endpoint. Restrict access & monitor activity. No patch yet. https://radar.offseq.com/threat/cve-2026-56394-improper-limitation-of-a-pathname-t-139f3a46ea00069e #OffSeq #CraftCMS #Vuln #PathTraversal", "creation_timestamp": "2026-06-22T01:30:29.519228Z"} https://vulnerability.circl.lu/sighting/788beff4-f3e2-4600-9491-6117dae9a6b7/export Mon, 22 Jun 2026 01:30:29 +0000 https://vulnerability.circl.lu/sighting/b3d1357b-0626-4d09-8811-cf0be2857c56/export {"uuid": "b3d1357b-0626-4d09-8811-cf0be2857c56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56394", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3motqfb5ttb2g", "content": "CVE-2026-56394: HIGH severity path traversal in Craft CMS 4.0.0-RC1 & 5.0.0-RC1. Authenticated attackers can read local files. Restrict access & monitor until a fix is released. https://radar.offseq.com/threat/cve-2026-56394-improper-limitation-of-a-pathname-t-139f3a46ea00069e #OffSeq #CraftCMS #...", "creation_timestamp": "2026-06-22T01:30:30.751319Z"} {"uuid": "b3d1357b-0626-4d09-8811-cf0be2857c56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56394", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3motqfb5ttb2g", "content": "CVE-2026-56394: HIGH severity path traversal in Craft CMS 4.0.0-RC1 & 5.0.0-RC1. Authenticated attackers can read local files. Restrict access & monitor until a fix is released. https://radar.offseq.com/threat/cve-2026-56394-improper-limitation-of-a-pathname-t-139f3a46ea00069e #OffSeq #CraftCMS #...", "creation_timestamp": "2026-06-22T01:30:30.751319Z"} https://vulnerability.circl.lu/sighting/b3d1357b-0626-4d09-8811-cf0be2857c56/export Mon, 22 Jun 2026 01:30:30 +0000