{"vulnerability": "CVE-2026-54588", "sightings": [{"uuid": "cc1443dd-e929-4414-adee-47a1a7221cf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54588", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moylpvwyu22t", "content": "CVE-2026-54588 - Poweradmin has Host Header Injection in OIDC redirect_uri, SAML ACS/SLO URL, and Logout Redirect Construction.\nCVE ID : CVE-2026-54588\n \n Published : June 23, 2026, 10:09 p.m. | 1\u00a0hour, 34\u00a0minutes ago\n \n Description : Poweradmin is a web-based DNS administrati...", "creation_timestamp": "2026-06-23T23:50:17.512291Z"}, {"uuid": "40c12c82-63fe-4822-b160-7d165cba80b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54588", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mp2fjn4xgw2o", "content": "CVE-2026-54588 - Critical OIDC/SAML redirect_uri poisoning in Poweradmin. Unauthenticated attacker can steal auth codes via HTTP_HOST header injection. CVSS 9.6. No patch available. Disable OIDC/SAML until fixed. #CVE #infosec #Poweradmin\n\nhttps://www.valtersit.com/cve/CVE-2026-54588/", "creation_timestamp": "2026-06-24T17:04:44.070193Z"}]}