{"vulnerability": "CVE-2026-11807", "sightings": [{"uuid": "ba475413-75e9-47bf-91c5-05af70e5bad9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11807", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116802141319916316", "content": "CVE-2026-11807 (CRITICAL, CVSS 9.6) affects Red Hat Ansible Automation Platform 2.5: missing authorization in EDA websocket API lets any authenticated user access plaintext credentials. Patch immediately. https://radar.offseq.com/threat/cve-2026-11807-missing-authorization-in-red-hat-re-1c4967af375a0bf5 #OffSeq #RedHat #Ansible #Vuln", "creation_timestamp": "2026-06-24T00:00:37.942065Z"}, {"uuid": "f0f389bf-22ac-45af-8852-b01f516d9230", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11807", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3moymcgce3a2j", "content": "Red Hat Ansible Automation Platform 2.5 hit by CRITICAL vuln: missing authorization in EDA API exposes credentials to authenticated users. Update to patched version ASAP. https://radar.offseq.com/threat/cve-2026-11807-missing-authorization-in-red-hat-re-1c4967af375a0bf5 #OffSeq #Ansible #Security", "creation_timestamp": "2026-06-24T00:00:39.208809Z"}]}