{"vulnerability": "CVE-2026-41901", "sightings": [{"uuid": "234bf336-917b-4e84-be88-cfca086ad9ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41901", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlp5xdbnw42p", "content": "CVE-2026-41901 - Thymeleaf: Improper recognition of unauthorized syntax patterns in sandboxed Thymeleaf expressions\nCVE ID : CVE-2026-41901\n \n Published : May 12, 2026, 11:16 p.m. | 1\u00a0hour, 9\u00a0minutes ago\n \n Description : Thymeleaf is a server-side Java template engine for web ...", "creation_timestamp": "2026-05-13T01:34:21.220835Z"}, {"uuid": "7699ec3d-f5bf-48a7-aa8d-d1b4c7a527a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41901", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlpddjlakx2w", "content": "\ud83d\udd34 CVE-2026-41901 - Critical (9)\n\nThymeleaf is a server-side Java template engine for web and standalone environments. Prior to 3.1...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41901/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-13T03:10:40.050994Z"}]}