{"uuid": "c6369df9-a321-447a-b5cd-c54c26306cfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-3515", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116628024514004193", "content": "\ud83d\udea8 HIGH severity: CVE-2026-3515 in Prefect's GitHub integration (v3.6.18) lets attackers inject git options via 'reference' field, risking SSRF, credential theft, or RCE. No patch yet \u2014 avoid untrusted input! https://radar.offseq.com/threat/cve-2026-3515-cwe-88-improper-neutralization-of-ar-5216fe05 #OffSeq #Vuln #Infosec", "creation_timestamp": "2026-05-24T06:03:31.971311Z"}