{"uuid": "3ca3852a-ef6c-45a5-8a76-9c194c8523d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "ghsa-3fmp-59v6-4qw2", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116870089136632895", "content": "CVE-2026-59509 (CRITICAL): cve-search POST /fetch_cve_data allows unauth'd access to arbitrary MongoDB collections, exposing admin creds for offline cracking. Restrict endpoint, monitor activity, check vendor updates. https://radar.offseq.com/threat/ghsa-3fmp-59v6-4qw2-ddbb46f84ba1bbe2 #OffSeq #infosec #CVE202659509", "creation_timestamp": "2026-07-06T00:00:38.688616Z"}