{"vulnerability": "CVE-2026-41507", "sightings": [{"uuid": "ab2d0f2a-443e-4664-bb85-c9f1d5613e81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41507", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlemqt6vvp2q", "content": "\ud83d\udd34 CVE-2026-41507 - Critical (9.8)\n\nmath-codegen generates code from mathematical expressions. Prior to version 0.4.3, string literal...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41507/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-08T20:59:52.861197Z"}, {"uuid": "11f60175-7564-430d-96e5-9728cd91c184", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41507", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mlo2vqio2r2o", "content": "\ud83d\udccc CVE-2026-41507 - math-codegen generates code from mathematical expressions. Prior to version 0.4.3, string literal content passed to cg.parse() is injected verbatim in... https://www.cyberhub.blog/cves/CVE-2026-41507", "creation_timestamp": "2026-05-12T15:08:10.238693Z"}]}