{"vulnerability": "CVE-2026-38707", "sightings": [{"uuid": "e9457899-836b-4503-9278-2594e1007feb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-38707", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwrh3q2u72e", "content": "CVE-2026-38707 - InHand Networks IPSec VPN Command Injection Vulnerability\nCVE ID : CVE-2026-38707\n \n Published : May 28, 2026, 5:16 p.m. | 1\u00a0hour, 54\u00a0minutes ago\n \n Description : A command injection vulnerability exists in the IPSec VPN feature of InHand Networks IR302 firmwa...", "creation_timestamp": "2026-05-28T19:37:01.020995Z"}, {"uuid": "eec27f9a-e96d-411d-9745-b11d4cb5f7fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-38707", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/116653667300152603", "content": "Anyone know anything about these router vulns? I'm especially interested in CVE-2026-38704, a command injection in the Wireguard function, and CVE-2026-38707, a command injection in the IPSEC function.\nhttps://www.inhand.com/wp-content/uploads/InHand-PSA-2026-05_EN.pdf", "creation_timestamp": "2026-05-28T18:41:46.192893Z"}]}