<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Fri, 03 Jul 2026 19:38:12 +0000</lastBuildDate>
    <item>
      <title>a653249a-1657-4512-a0ad-5bd88dfdeea5</title>
      <link>https://vulnerability.circl.lu/sighting/a653249a-1657-4512-a0ad-5bd88dfdeea5/export</link>
      <description>{"uuid": "a653249a-1657-4512-a0ad-5bd88dfdeea5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6556", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpng6qcv642i", "content": "\ud83d\udccc CVE-2026-6556 - @fastify/express versions 4.0.6 and earlier only rewrite the plugin prefix for middleware mount paths when the path argument is a string. Non-string m... https://www.cyberhub.blog/cves/CVE-2026-6556", "creation_timestamp": "2026-07-02T06:37:07.091058Z"}</description>
      <content:encoded>{"uuid": "a653249a-1657-4512-a0ad-5bd88dfdeea5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6556", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpng6qcv642i", "content": "\ud83d\udccc CVE-2026-6556 - @fastify/express versions 4.0.6 and earlier only rewrite the plugin prefix for middleware mount paths when the path argument is a string. Non-string m... https://www.cyberhub.blog/cves/CVE-2026-6556", "creation_timestamp": "2026-07-02T06:37:07.091058Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a653249a-1657-4512-a0ad-5bd88dfdeea5/export</guid>
      <pubDate>Thu, 02 Jul 2026 06:37:07 +0000</pubDate>
    </item>
    <item>
      <title>0cc9b47e-e173-4fcf-9101-d02616e04944</title>
      <link>https://vulnerability.circl.lu/sighting/0cc9b47e-e173-4fcf-9101-d02616e04944/export</link>
      <description>{"uuid": "0cc9b47e-e173-4fcf-9101-d02616e04944", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6556", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpj63qsdtd2f", "content": "CVE-2026-6556 - @fastify/express vulnerable to middleware bypass via non-string mount paths in prefixed plugins\nCVE ID : CVE-2026-6556\n \n Published : June 30, 2026, 12:48 p.m. | 57\u00a0minutes ago\n \n Description : @fastify/express versions 4.0.6 and earlier only rewrite the plugin...", "creation_timestamp": "2026-06-30T14:01:37.682197Z"}</description>
      <content:encoded>{"uuid": "0cc9b47e-e173-4fcf-9101-d02616e04944", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6556", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpj63qsdtd2f", "content": "CVE-2026-6556 - @fastify/express vulnerable to middleware bypass via non-string mount paths in prefixed plugins\nCVE ID : CVE-2026-6556\n \n Published : June 30, 2026, 12:48 p.m. | 57\u00a0minutes ago\n \n Description : @fastify/express versions 4.0.6 and earlier only rewrite the plugin...", "creation_timestamp": "2026-06-30T14:01:37.682197Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0cc9b47e-e173-4fcf-9101-d02616e04944/export</guid>
      <pubDate>Tue, 30 Jun 2026 14:01:37 +0000</pubDate>
    </item>
    <item>
      <title>1ae54cb7-3a3e-4b8d-98f8-f4ad088b9798</title>
      <link>https://vulnerability.circl.lu/sighting/1ae54cb7-3a3e-4b8d-98f8-f4ad088b9798/export</link>
      <description>{"uuid": "1ae54cb7-3a3e-4b8d-98f8-f4ad088b9798", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6556", "type": "seen", "source": "https://bsky.app/profile/ulisesgascon.com/post/3mpj2dxzyik2z", "content": "\ud83d\udea8 Critical-severity security fix in @fastify/express 4.0.7 just released!\n\nPatches CVE-2026-6556. @fastify/express vulnerable to middleware bypass via non-string mount paths in prefixed plugins.\n\ngithub.com/fastify/fast...", "creation_timestamp": "2026-06-30T12:54:39.102809Z"}</description>
      <content:encoded>{"uuid": "1ae54cb7-3a3e-4b8d-98f8-f4ad088b9798", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-6556", "type": "seen", "source": "https://bsky.app/profile/ulisesgascon.com/post/3mpj2dxzyik2z", "content": "\ud83d\udea8 Critical-severity security fix in @fastify/express 4.0.7 just released!\n\nPatches CVE-2026-6556. @fastify/express vulnerable to middleware bypass via non-string mount paths in prefixed plugins.\n\ngithub.com/fastify/fast...", "creation_timestamp": "2026-06-30T12:54:39.102809Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1ae54cb7-3a3e-4b8d-98f8-f4ad088b9798/export</guid>
      <pubDate>Tue, 30 Jun 2026 12:54:39 +0000</pubDate>
    </item>
  </channel>
</rss>
