{"vulnerability": "CVE-2026-4273", "sightings": [{"uuid": "9df4d753-7224-4bdb-91f0-eb7915175abd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4273", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mm4j5attsm2h", "content": "CVE-2026-4273 - Insufficient token rotation validation in remote cluster invite confirmation\nCVE ID : CVE-2026-4273\n \n Published : May 18, 2026, 6:56 a.m. | 1\u00a0hour, 15\u00a0minutes ago\n \n Description : Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to validate...", "creation_timestamp": "2026-05-18T08:59:08.048576Z"}, {"uuid": "24499374-ccd3-4a70-9e4e-1b02ba7a82fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42735", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmtk5bbom62i", "content": "CVE-2026-42735 - WordPress KiviCare plugin\nCVE ID : CVE-2026-42735\n \n Published : 27 May 2026, 9:49 a.m. | 1\u00a0hour, 20\u00a0minutes ago\n \n Description : Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system...", "creation_timestamp": "2026-05-27T12:48:16.094843Z"}, {"uuid": "cb02ae78-5f8b-4b7f-b146-a5cdfe840315", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42730", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmtgaijzr22e", "content": "CVE-2026-42730 - WordPress MasterStudy LMS plugin\nCVE ID : CVE-2026-42730\n \n Published : 27 May 2026, 9:49 a.m. | 1\u00a0hour, 20\u00a0minutes ago\n \n Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix MasterStudy ...", "creation_timestamp": "2026-05-27T11:38:29.274535Z"}, {"uuid": "b0b5997b-6d16-42c5-b35a-19118252978f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42737", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmthly6rxy2i", "content": "CVE-2026-42737 - WordPress VikBooking Hotel Booking Engine & PMS plugin\nCVE ID : CVE-2026-42737\n \n Published : 27 May 2026, 9:49 a.m. | 1\u00a0hour, 20\u00a0minutes ago\n \n Description : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in e4jvi...", "creation_timestamp": "2026-05-27T12:02:48.607652Z"}, {"uuid": "a1def674-0de4-44ac-ac15-29754ed38819", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42731", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmtjle3crj2h", "content": "CVE-2026-42731 - WordPress miniorange otp verification plugin\nCVE ID : CVE-2026-42731\n \n Published : 27 May 2026, 9:49 a.m. | 1\u00a0hour, 20\u00a0minutes ago\n \n Description : Incorrect Privilege Assignment vulnerability in miniOrange miniorange otp verification miniorange-otp-verificat...", "creation_timestamp": "2026-05-27T12:38:15.041464Z"}, {"uuid": "b27ffb39-f39e-4885-9e58-3ee98e888cbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42735", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmto7jgoyz2t", "content": "\ud83d\udfe0 CVE-2026-42735 - High (8.2)\n\nAuthentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42735/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-27T14:01:07.436784Z"}]}