{"uuid": "f14b3285-7a28-456b-a6a1-46d1b49a591e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46414", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mmuzr6quda26", "content": "HIGH severity: Microsoft UFO 3.0.1-4-ge2626659 lets attackers spoof roles & hijack tasks via WebSocket. No patch \u2014 restrict token & client access now. Details: https://radar.offseq.com/threat/cve-2026-46414-cwe-290-authentication-bypass-by-sp-c8a9e703 #OffSeq #MicrosoftUFO #Security", "creation_timestamp": "2026-05-28T03:00:31.026182Z"}