{"uuid": "c867171d-4118-4a29-bef2-7e6362b0e837", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11386", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116932374467367447", "content": "CRITICAL vuln in ubuntu-pro-client &lt;37.2ubuntu~22.04.1: contract server manipulation can inject malicious APT config &amp; install arbitrary packages as root. Preinstalled on Ubuntu Pro images. Patch status TBD. Details: https://radar.offseq.com/threat/ubuntu-cve-2026-11386-a076c116b384b281 #OffSeq #Ubuntu #LinuxSec #Vulnerability", "creation_timestamp": "2026-07-17T00:00:38.053492Z"}