<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sun, 12 Jul 2026 20:19:55 +0000</lastBuildDate>
    <item>
      <title>6a3b2385-38b4-48ed-9d9e-27f849c25ead</title>
      <link>https://vulnerability.circl.lu/sighting/6a3b2385-38b4-48ed-9d9e-27f849c25ead/export</link>
      <description>{"uuid": "6a3b2385-38b4-48ed-9d9e-27f849c25ead", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-60090", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqg6qjk4vg23", "content": "PraisonAI &amp;lt;4.6.78 has a CRITICAL SQL injection flaw (CVE-2026-60090, CVSS 9.3). Unauthenticated attackers can destroy data. Restrict access &amp;amp; update to 4.6.78+ when available. https://radar.offseq.com/threat/cve-2026-60090-improper-neutralization-of-special--a49ea84d7839ded1 #OffSeq #SQLInjection...", "creation_timestamp": "2026-07-12T03:00:27.599343Z"}</description>
      <content:encoded>{"uuid": "6a3b2385-38b4-48ed-9d9e-27f849c25ead", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-60090", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqg6qjk4vg23", "content": "PraisonAI &amp;lt;4.6.78 has a CRITICAL SQL injection flaw (CVE-2026-60090, CVSS 9.3). Unauthenticated attackers can destroy data. Restrict access &amp;amp; update to 4.6.78+ when available. https://radar.offseq.com/threat/cve-2026-60090-improper-neutralization-of-special--a49ea84d7839ded1 #OffSeq #SQLInjection...", "creation_timestamp": "2026-07-12T03:00:27.599343Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/6a3b2385-38b4-48ed-9d9e-27f849c25ead/export</guid>
      <pubDate>Sun, 12 Jul 2026 03:00:27 +0000</pubDate>
    </item>
    <item>
      <title>19237cba-adb7-4c1c-b064-0afbdc6b7230</title>
      <link>https://vulnerability.circl.lu/sighting/19237cba-adb7-4c1c-b064-0afbdc6b7230/export</link>
      <description>{"uuid": "19237cba-adb7-4c1c-b064-0afbdc6b7230", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-60090", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116904769950802301", "content": "CVE-2026-60090: PraisonAI &amp;lt;4.6.78 suffers CRITICAL SQL injection (CVSS 9.3). Unauthenticated attackers can drop tables or run arbitrary SQL/CQL via create_collection(). Restrict access &amp;amp; upgrade ASAP. https://radar.offseq.com/threat/cve-2026-60090-improper-neutralization-of-special--a49ea84d7839ded1 #OffSeq #infosec #SQLInjection #vuln", "creation_timestamp": "2026-07-12T03:00:25.852885Z"}</description>
      <content:encoded>{"uuid": "19237cba-adb7-4c1c-b064-0afbdc6b7230", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-60090", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116904769950802301", "content": "CVE-2026-60090: PraisonAI &amp;lt;4.6.78 suffers CRITICAL SQL injection (CVSS 9.3). Unauthenticated attackers can drop tables or run arbitrary SQL/CQL via create_collection(). Restrict access &amp;amp; upgrade ASAP. https://radar.offseq.com/threat/cve-2026-60090-improper-neutralization-of-special--a49ea84d7839ded1 #OffSeq #infosec #SQLInjection #vuln", "creation_timestamp": "2026-07-12T03:00:25.852885Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/19237cba-adb7-4c1c-b064-0afbdc6b7230/export</guid>
      <pubDate>Sun, 12 Jul 2026 03:00:25 +0000</pubDate>
    </item>
    <item>
      <title>a28c658c-cd5a-4fd8-ae94-559fbde4520c</title>
      <link>https://vulnerability.circl.lu/sighting/a28c658c-cd5a-4fd8-ae94-559fbde4520c/export</link>
      <description>{"uuid": "a28c658c-cd5a-4fd8-ae94-559fbde4520c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60090", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqezqflqeh26", "content": "CVE-2026-60090 - PraisonAI before 4.6.78 SQL/CQL Injection via vector dimension\nCVE ID : CVE-2026-60090\n \n Published : July 11, 2026, 2:16 p.m. | 1\u00a0hour, 8\u00a0minutes ago\n \n Description : PraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the PG...", "creation_timestamp": "2026-07-11T15:58:31.571646Z"}</description>
      <content:encoded>{"uuid": "a28c658c-cd5a-4fd8-ae94-559fbde4520c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60090", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqezqflqeh26", "content": "CVE-2026-60090 - PraisonAI before 4.6.78 SQL/CQL Injection via vector dimension\nCVE ID : CVE-2026-60090\n \n Published : July 11, 2026, 2:16 p.m. | 1\u00a0hour, 8\u00a0minutes ago\n \n Description : PraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the PG...", "creation_timestamp": "2026-07-11T15:58:31.571646Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a28c658c-cd5a-4fd8-ae94-559fbde4520c/export</guid>
      <pubDate>Sat, 11 Jul 2026 15:58:31 +0000</pubDate>
    </item>
    <item>
      <title>2728f053-d0d0-4ad5-aab7-5368e46d9108</title>
      <link>https://vulnerability.circl.lu/sighting/2728f053-d0d0-4ad5-aab7-5368e46d9108/export</link>
      <description>{"uuid": "2728f053-d0d0-4ad5-aab7-5368e46d9108", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60090", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqewk2gtqw2b", "content": "\ud83d\udd34 CVE-2026-60090 - Critical (9.8)\n\nPraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the PGVecto...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-60090/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-11T15:01:00.741383Z"}</description>
      <content:encoded>{"uuid": "2728f053-d0d0-4ad5-aab7-5368e46d9108", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60090", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqewk2gtqw2b", "content": "\ud83d\udd34 CVE-2026-60090 - Critical (9.8)\n\nPraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the PGVecto...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-60090/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-11T15:01:00.741383Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/2728f053-d0d0-4ad5-aab7-5368e46d9108/export</guid>
      <pubDate>Sat, 11 Jul 2026 15:01:00 +0000</pubDate>
    </item>
    <item>
      <title>0ce43faa-fbe6-4bc1-bd5a-4ca24c390efe</title>
      <link>https://vulnerability.circl.lu/sighting/0ce43faa-fbe6-4bc1-bd5a-4ca24c390efe/export</link>
      <description>{"uuid": "0ce43faa-fbe6-4bc1-bd5a-4ca24c390efe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60090", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqevnii7zw2d", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-60090 \u0432 PraisonAI: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/FA102B3A-9B07-43C0-BB30-1367FD7BE593", "creation_timestamp": "2026-07-11T14:45:02.856267Z"}</description>
      <content:encoded>{"uuid": "0ce43faa-fbe6-4bc1-bd5a-4ca24c390efe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60090", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqevnii7zw2d", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-60090 \u0432 PraisonAI: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/FA102B3A-9B07-43C0-BB30-1367FD7BE593", "creation_timestamp": "2026-07-11T14:45:02.856267Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0ce43faa-fbe6-4bc1-bd5a-4ca24c390efe/export</guid>
      <pubDate>Sat, 11 Jul 2026 14:45:02 +0000</pubDate>
    </item>
    <item>
      <title>7abec77e-7af2-4dd5-bcba-0bbb03d8fc22</title>
      <link>https://vulnerability.circl.lu/sighting/7abec77e-7af2-4dd5-bcba-0bbb03d8fc22/export</link>
      <description>{"uuid": "7abec77e-7af2-4dd5-bcba-0bbb03d8fc22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60090", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqeulm7xao2h", "content": "CVE-2026-60090\nPraisonAI's knowledge-store in versions before 4.6.78 fails to check user input, allowing malicious users to inject SQL or Cassandra Query Language (CQL) code. This could potentially allow them to access or\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-11T14:26:05.567033Z"}</description>
      <content:encoded>{"uuid": "7abec77e-7af2-4dd5-bcba-0bbb03d8fc22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-60090", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqeulm7xao2h", "content": "CVE-2026-60090\nPraisonAI's knowledge-store in versions before 4.6.78 fails to check user input, allowing malicious users to inject SQL or Cassandra Query Language (CQL) code. This could potentially allow them to access or\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-11T14:26:05.567033Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/7abec77e-7af2-4dd5-bcba-0bbb03d8fc22/export</guid>
      <pubDate>Sat, 11 Jul 2026 14:26:05 +0000</pubDate>
    </item>
  </channel>
</rss>
