{"uuid": "5568f453-64f1-4e3c-a2fe-19dab45b00f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9678", "type": "seen", "source": "https://bsky.app/profile/nodeland.dev/post/3mol72n6k5o27", "content": "\ud83d\udfe1 Moderate: Shared-cache disclosure (CVE-2026-9678).\nThe cache interceptor mishandled whitespace-padded Cache-Control like `private=\" authorization\"`, so authenticated responses could be cached & served to other users in shared mode.\nv7/v8. Fixed in 7.28.0 / 8.5.0.", "creation_timestamp": "2026-06-18T15:59:05.069707Z"}