{"uuid": "95751dab-7216-4db5-8f28-6e549a76f5f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39337", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlp5rxbida2n", "content": "CVE-2026-42288 - ChurchCRM: Incomplete fix for CVE-2026-39337: Unauthenticated RCE in Setup Wizard via unsanitized DB_PASSWORD\nCVE ID : CVE-2026-42288\n \n Published : May 12, 2026, 11:16 p.m. | 1\u00a0hour, 9\u00a0minutes ago\n \n Description : ChurchCRM is an open-source church management...", "creation_timestamp": "2026-05-13T01:31:22.399705Z"}