<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"
        xmlns:news="http://www.google.com/schemas/sitemap-news/0.9">
  <url>
    <loc>https://securelayer7.net/lab/better-auth-scim-provider-account-takeover-missing-owner-binding</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-07T21:07:58.122Z</news:publication_date>
      <news:title>@better-auth/scim: SCIM Provider Account Takeover via Missing Owner Binding</news:title>
      <news:keywords>Security Research</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/better-auth-stored-xss-javascript-redirect-uri-oidc-provider</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-07T21:28:53.367Z</news:publication_date>
      <news:title>better-auth Stored XSS via javascript: redirect_uri in oidc-provider and mcp Plugins</news:title>
      <news:keywords>Security Research</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/cve-2026-49464-nl-portal-taak-idor-submittaakv2</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-08T21:28:40.118Z</news:publication_date>
      <news:title>CVE-2026-49464: NL Portal Taak IDOR Allows Takeover of Any User&apos;s Open Task</news:title>
      <news:keywords>CVE Advisory</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/cve-2026-49471-serena-agent-unauthenticated-dashboard-dns-rebinding-rce</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-08T21:28:07.593Z</news:publication_date>
      <news:title>CVE-2026-49471: serena-agent Unauthenticated Flask Dashboard Enables DNS Rebinding to RCE</news:title>
      <news:keywords>CVE Advisory</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/cve-2026-49476-soupsieve-memory-exhaustion-selector-list</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T14:08:28.197Z</news:publication_date>
      <news:title>CVE-2026-49476: soupsieve Memory Exhaustion via Unbounded Selector List</news:title>
      <news:keywords>CVE Advisory</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/cve-2026-49477-soupsieve-redos-selector-parser</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T14:07:58.260Z</news:publication_date>
      <news:title>CVE-2026-49477: soupsieve Regular Expression Denial of Service (ReDoS)</news:title>
      <news:keywords>CVE Advisory</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/cve-2026-49485-hl7-fhir-dstu2-redos-fhirpath-matches</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T13:49:29.535Z</news:publication_date>
      <news:title>CVE-2026-49485: org.hl7.fhir.dstu2 FHIRPathEngine ReDoS via Unprotected matches()</news:title>
      <news:keywords>CVE Advisory</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/cve-2026-49825-lxml-html-clean-xlink-href-xss</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-08T20:48:00.787Z</news:publication_date>
      <news:title>CVE-2026-49825: lxml_html_clean javascript: XSS via xlink:href</news:title>
      <news:keywords>CVE Advisory</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/cve-2026-49832-dspace-velocity-template-injection-rce-ldn</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-08T20:28:41.209Z</news:publication_date>
      <news:title>CVE-2026-49832: DSpace Remote Code Execution via Velocity Template Injection in LDN</news:title>
      <news:keywords>CVE Advisory</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/cve-2026-50197-skipper-opa-body-bypass-chunked-encoding</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-08T20:29:50.643Z</news:publication_date>
      <news:title>CVE-2026-50197: Skipper opaAuthorizeRequestWithBody OPA Policy Bypass via Chunked Encoding</news:title>
      <news:keywords>CVE Advisory</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/cve-2026-50553-note-mark-path-traversal-slug-migrate-export</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T13:50:17.845Z</news:publication_date>
      <news:title>CVE-2026-50553: Note Mark Path Traversal via Unsanitized Book/Note Slug in Migrate Export</news:title>
      <news:keywords>CVE Advisory</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/cve-2026-52831-nuclio-cron-trigger-command-injection-rce</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-08T20:29:21.288Z</news:publication_date>
      <news:title>CVE-2026-52831: Nuclio Cron Trigger OS Command Injection (Persistent RCE)</news:title>
      <news:keywords>CVE Advisory</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/cve-2026-53513-better-auth-sso-ssrf-oidc-endpoints</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-07T21:09:12.087Z</news:publication_date>
      <news:title>CVE-2026-53513: @better-auth/sso SSRF via Unvalidated OIDC Endpoints</news:title>
      <news:keywords>CVE Advisory</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/cve-2026-53514-better-auth-organization-invitation-takeover-unverified-email</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-07T21:30:00.879Z</news:publication_date>
      <news:title>CVE-2026-53514: better-auth Organization Invitation Takeover via Unverified Email Pre-Registration</news:title>
      <news:keywords>CVE Advisory</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/cve-2026-53516-better-auth-oauth-auto-link-account-takeover</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-07T21:29:27.273Z</news:publication_date>
      <news:title>CVE-2026-53516: better-auth OAuth Auto-Link Account Takeover via Unverified Email</news:title>
      <news:keywords>CVE Advisory</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/cve-2026-53517-better-auth-oauth-provider-refresh-token-race-condition</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-07T21:09:50.634Z</news:publication_date>
      <news:title>CVE-2026-53517: @better-auth/oauth-provider Refresh Token Family Fork via Race Condition</news:title>
      <news:keywords>CVE Advisory</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/cve-2026-53518-better-auth-oauth-provider-authorization-code-race-condition</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-07T21:08:35.275Z</news:publication_date>
      <news:title>CVE-2026-53518: @better-auth/oauth-provider Authorization Code Race Condition Allows Duplicate Token Issuance</news:title>
      <news:keywords>CVE Advisory</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/cve-2026-53530-ratex-parser-verb-utf8-panic-dos</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-07T23:49:14.771Z</news:publication_date>
      <news:title>CVE-2026-53530: ratex-parser Process Abort via UTF-8 Multibyte Delimiter in \verb</news:title>
      <news:keywords>CVE Advisory</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/cve-2026-53552-goploy-cross-namespace-idor-rce-project-id</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-07T23:48:43.254Z</news:publication_date>
      <news:title>CVE-2026-53552: Goploy Cross-Namespace IDOR and RCE via Body-Controlled Project ID</news:title>
      <news:keywords>CVE Advisory</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/cve-2026-53553-goploy-path-traversal-file-read</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-07T23:47:58.046Z</news:publication_date>
      <news:title>CVE-2026-53553: Goploy Arbitrary File Read via Path Traversal in /deploy/fileDiff</news:title>
      <news:keywords>CVE Advisory</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/cve-2026-53649-joro-unauthenticated-cross-origin-plugin-upload-rce</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-08T20:28:04.075Z</news:publication_date>
      <news:title>CVE-2026-53649: Joro Unauthenticated Cross-Origin Plugin Upload RCE</news:title>
      <news:keywords>CVE Advisory</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/cve-2026-53727-css-parser-ssrf-local-file-disclosure-import</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T13:48:54.144Z</news:publication_date>
      <news:title>CVE-2026-53727: css_parser SSRF and Local File Disclosure via @import</news:title>
      <news:keywords>CVE Advisory</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/cve-2026-56382-craftcms-fieldscontroller-yii2-event-injection-rce</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T13:48:02.176Z</news:publication_date>
      <news:title>CVE-2026-56382: Craft CMS RCE via Yii2 Event Handler Injection in FieldsController</news:title>
      <news:keywords>Security Research</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/micronaut-http-client-infinite-redirect-loop-dos</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T14:09:29.703Z</news:publication_date>
      <news:title>micronaut-http-client Infinite Redirect Loop Denial of Service</news:title>
      <news:keywords>Security Research</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://securelayer7.net/lab/phantom-audio-arbitrary-file-write-mcp-path-traversal</loc>
    <news:news>
      <news:publication>
        <news:name>SecureLayer7</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-09T14:09:00.429Z</news:publication_date>
      <news:title>phantom-audio: Arbitrary File Write and Decode-Bomb DoS via Unconfined MCP Tool Paths</news:title>
      <news:keywords>Security Research</news:keywords>
    </news:news>
  </url>
</urlset>