{"uuid": "1ef6d8a1-dd05-4a23-bf7d-5a9e6defb4f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42281", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116573877881665674", "content": "\ud83d\udea8 CVE-2026-42281: CRITICAL SSRF in MagicMirror\u00b2 (<2.36.0)! /cors endpoint lets unauthenticated attackers scan internal networks & exfiltrate environment secrets. Upgrade to 2.36.0+ now! https://radar.offseq.com/threat/cve-2026-42281-cwe-918-server-side-request-forgery-3c9e7191 #OffSeq #SSRF #MagicMirror #Vuln", "creation_timestamp": "2026-05-14T16:31:25.612976Z"}