{"uuid": "6f4b5eaa-3eb9-478e-9155-410d75ff205b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33264", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mq6pfc77f32f", "content": "\ud83d\udccc CVE-2026-33264 - A bug in `BaseSerialization.deserialize()` allowed unrestricted `import_string()` of attacker-controlled class paths when the Scheduler / API Server l... https://www.cyberhub.blog/cves/CVE-2026-33264", "creation_timestamp": "2026-07-09T03:37:06.086667Z"}