{"uuid": "64c7bf97-182d-42d4-a827-04ece8a62030", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46414", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116649966169277719", "content": "\ud83d\udee1\ufe0f CVE-2026-46414 (HIGH): Auth bypass in Microsoft UFO 3.0.1-4-ge2626659. Attackers can spoof roles & hijack device tasks via WebSocket. No patch yet \u2014 restrict server token & trusted client access. More: https://radar.offseq.com/threat/cve-2026-46414-cwe-290-authentication-bypass-by-sp-c8a9e703 #OffSeq #CVE202646414 #MicrosoftUFO #Vuln", "creation_timestamp": "2026-05-28T03:00:32.524517Z"}