{"vulnerability": "cve-2026-1073", "sightings": [{"uuid": "39b522cf-de93-4dc0-baba-c5636feafbfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-1073", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mghirnto3b2u", "content": "", "creation_timestamp": "2026-03-07T09:20:46.397265Z"}, {"uuid": "7a92851a-9c08-43a3-bdac-1d07dbccd1f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10737", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mngmztd3wh22", "content": "\ud83d\udfe0 CVE-2026-10737 - High (7.5)\n\nThe SP Project & Document Manager plugin for WordPress is vulnerable to unauthorized access due t...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-10737/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-04T03:00:37.918548Z"}, {"uuid": "2f15848e-df81-484e-8900-dd61c3dfb7fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10737", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mngzsdlxk324", "content": "CVE-2026-10737 - SP Project & Document Manager\nCVE ID : CVE-2026-10737\n \n Published : June 4, 2026, 2:16 a.m. | 4\u00a0hours, 16\u00a0minutes ago\n \n Description : The SP Project & Document Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability ...", "creation_timestamp": "2026-06-04T06:49:06.578209Z"}, {"uuid": "759ed1ed-b769-403b-9f5c-a7e3e86e61d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10731", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnu53r2lny2v", "content": "CVE-2026-10731 - SQL injection in Nemon products\nCVE ID : CVE-2026-10731\n \n Published : June 9, 2026, 10:16 a.m. | 59\u00a0minutes ago\n \n Description : SQL injection in the \u2018two_steps_auth_code\u2019 parameter processed by the \u2018twoStepsAuthVerification\u2019 function within the \u2018/user-login\u2019...", "creation_timestamp": "2026-06-09T11:52:38.287209Z"}, {"uuid": "6917f2ed-5e50-4526-824d-08bb7bb1bd05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10737", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mnj3tf3oaw2f", "content": "Top 3 CVE for last 7 days:\nCVE-2025-48595: 136 interactions\nCVE-2026-0257: 43 interactions\nCVE-2026-48778: 23 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-49858: 11 interactions\nCVE-2026-20230: 6 interactions\nCVE-2026-10737: 4 interactions\n", "creation_timestamp": "2026-06-05T02:30:48.004045Z"}, {"uuid": "86b2ab82-157a-4ddf-b8ed-76b64f7d1279", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10732", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnjqhegrqv2b", "content": "CVE-2026-10732 - Decompress Arbitrary File Write via Symlink Race Condition\nCVE ID : CVE-2026-10732\n \n Published : June 5, 2026, 7:16 a.m. | 1\u00a0hour, 16\u00a0minutes ago\n \n Description : All versions of the package decompress are vulnerable to Arbitrary File Write via Archive Extrac...", "creation_timestamp": "2026-06-05T08:39:51.704995Z"}, {"uuid": "14198c8b-c55e-427e-b649-0e92cbe9ddc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10732", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnjqhegrqv2b", "content": "CVE-2026-10732 - Decompress Arbitrary File Write via Symlink Race Condition\nCVE ID : CVE-2026-10732\n \n Published : June 5, 2026, 7:16 a.m. | 1\u00a0hour, 16\u00a0minutes ago\n \n Description : All versions of the package decompress are vulnerable to Arbitrary File Write via Archive Extrac...", "creation_timestamp": "2026-06-05T08:39:51.715297Z"}, {"uuid": "9f10f0cc-9044-4644-8526-da0889cc1c01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10737", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mnircqmoxk26", "content": "Unauthenticated attackers can read arbitrary file metadata and grab download links via SP Project & Document Manager. CVE-2026-10737 (CVSS 7.5) exploits missing capability checks in versions \u22644.71. Update immediately to 4.71+ \u2192 pulse-wp.com\n#WordPress #CyberSecurity #InfoSec #CVE", "creation_timestamp": "2026-06-04T23:22:30.518304Z"}, {"uuid": "c6c0b7bc-1e32-4ed7-989c-62834b85ce8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10737", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mnirmpxct22x", "content": "Unauthenticated attackers can download arbitrary files from SP Project & Document Manager via missing capability checks. CVE-2026-10737 (CVSS 7.5 HIGH). Affects all versions through 4.71. Update now \u2192 pulse-wp.com\n#WordPress #AccessControl #CyberSecurity", "creation_timestamp": "2026-06-04T23:28:06.432733Z"}, {"uuid": "c8e3662b-2bd0-4249-b173-7cfbfb2a2637", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10737", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mnirr3vfxi26", "content": "CVE-2026-10737. CVSS 7.5. SP Project & Document Manager leaks file metadata and download links to anyone. No auth needed. Your configs, backups, API keys exposed.\n\nUpdate to 4.71. now.\n\n\u2192 pulse-wp.com\n#WordPress #AccessControl #CyberSecurity", "creation_timestamp": "2026-06-04T23:30:32.096936Z"}, {"uuid": "9a78e302-e89b-47e9-9786-cdc682625eb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10737", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mnirwyoxo42a", "content": "CVE-2026-10737. CVSS 7.5. SP Project & Document Manager leaks file metadata and download links to anyone. No auth needed. Your wp-config could be next.\n\nUpdate to 4.71. now. \u2192 pulse-wp.com\n#WordPress #AccessControl #CyberSecurity", "creation_timestamp": "2026-06-04T23:33:50.308809Z"}, {"uuid": "45c11c26-00ab-4285-8525-265efa834fb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10737", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mnis7ahx5p2k", "content": "CVE-2026-10737. CVSS 7.5. SP Project & Document Manager leaks file metadata and download links to unauthenticated visitors. Your wp-config. Database backups. Client files. All exposed.\n\nUpdate to 4.71 now.\n\nScan your WordPress site: pulse-wp.com\n#WordPress #AccessControl #CyberSecurity", "creation_timestamp": "2026-06-04T23:38:26.800071Z"}, {"uuid": "27bb9312-7bef-42f0-ae99-8556f00d921f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10737", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3mnisbxpsiv2l", "content": "CVE-2026-10737. CVSS 7.5. SP Project & Document Manager leaks file metadata and download links to anyone. No auth needed. Your wp-config could be next.\n\nUpdate to 4.71. now. \u2192 pulse-wp.com\n#WordPress #AccessControl #PotatoSecurity", "creation_timestamp": "2026-06-04T23:39:58.520689Z"}, {"uuid": "69d33bfe-14a1-4cc8-b8fa-ffddc40a2b21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10738", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3mnwsajzizn2m", "content": "CVE-2026-10738 jquery-hover-footnotes (CVSS Score 6.4) \n\n#WordPress plugin #vulnerability #cybersecurity #wordpressfirewall #wordpresssecurity #hacking #wpsecurity #atomicedge", "creation_timestamp": "2026-06-10T13:16:27.080626Z"}, {"uuid": "b702b5a5-41d3-4d74-9abb-c754b9cc895d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-10733", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/gitlab-multiple-vulnerabilities_20260612", "content": "", "creation_timestamp": "2026-06-11T18:00:00.000000Z"}, {"uuid": "d3a531c6-b974-467d-adf6-b74c4ff64402", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10733", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mnzaxmissr2y", "content": "\ud83d\udd17 CVE : CVE-2026-10087, CVE-2026-10733, CVE-2026-1500, CVE-2026-3553, CVE-2026-6269, CVE-2026-6277, CVE-2026-6552, CVE-2026-6976, CVE-2026-7250, CVE-2026-8589, CVE-2026-9204, CVE-2026-9694", "creation_timestamp": "2026-06-11T12:45:12.892530Z"}]}