{"vulnerability": "CVE-2026-26032", "sightings": [{"uuid": "57ba6538-27d1-42d4-b373-9c55a5b850f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26032", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mqp5hrttv62x", "content": "CVE-2026-26032: Apache Ivy: PackagerResolver path traversal vulnerability", "creation_timestamp": "2026-07-15T16:31:38.033051Z"}, {"uuid": "525fb4b5-e4b9-4f7d-b94d-854ed796067a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26032", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqpmzwcoc222", "content": "CVE-2026-26032 - Apache Ivy: PackagerResolver path traversal vulnerability\nCVE ID : CVE-2026-26032\n \n Published : July 15, 2026, 7:17 p.m. | 17\u00a0minutes ago\n \n Description : The PackagerResolver of Apache Ivy is able to download online\nartifacts and to (re)package them in a for...", "creation_timestamp": "2026-07-15T21:10:14.137688Z"}, {"uuid": "4562d835-4c08-4e14-9c76-7606dadfda45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26032", "type": "seen", "source": "https://bsky.app/profile/eed3si9n.com/post/3mqsqe4xchk2e", "content": "\ud83e\uddd1\u200d\ud83d\ude92 released sbt 1.12.14 and 2.0.3, featuring\n- backport of CVE-2026-26032 fix for Ivy (while sbt might not be affected)\n- update to Jawn 1.7.0 for CVE-2026-59990 and CVE-2026-61814 fixes\need3si9n.com/sbt-1.12.14-... #Scala", "creation_timestamp": "2026-07-17T02:47:35.777568Z"}]}