{"vulnerability": "CVE-2026-9739", "sightings": [{"uuid": "bf6dbe8c-0d29-4122-a97f-0c4471ab0ab5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9739", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmulxqu6w32p", "content": "CVE-2026-9739 - Google Chrome SSE DNS Rebinding\nCVE ID : CVE-2026-9739\n \n Published : May 27, 2026, 9:38 p.m. | 53\u00a0minutes ago\n \n Description : Vulnerable to DNS rebinding attacks when using SSE (http://b/499408790). During the beta phase, we implemented `allowed-origins` and ...", "creation_timestamp": "2026-05-27T22:53:38.303766Z"}, {"uuid": "2660f72c-851d-4ff9-8afd-fddc613ea82e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9739", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116649259043709670", "content": "\ud83d\udea8 CRITICAL: CVE-2026-9739 in Google MCP Toolbox for Databases (CVSS 9.4) allows DNS rebinding via a permissive cross-domain policy in SSE. No patch yet \u2014 restrict untrusted domains & monitor advisories. https://radar.offseq.com/threat/cve-2026-9739-cwe-942-permissive-cross-domain-poli-e5d6e88a #OffSeq #CVE #Infosec #Google", "creation_timestamp": "2026-05-28T00:00:39.272255Z"}, {"uuid": "d96a891a-476e-45fa-92d3-edc71ac068f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9739", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mnd5lap2oa2u", "content": "Critical vulnerability CVE-2026-9739 in MCP Toolbox exposes enterprise databases to unauthorized access via DNS rebinding. Update now to secure your systems. #CyberSecurity #MCPToolbox #DataProtection Link: thedailytechfeed.com/vulnerabilit...", "creation_timestamp": "2026-06-02T17:46:03.616920Z"}]}