{"vulnerability": "cve-2026-1141", "sightings": [{"uuid": "00efb6c7-a7c3-4ca3-a62c-069309692edc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11419", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnlsyefnvw23", "content": "\ud83d\udea8 CRITICAL vulnerability in Altium Enterprise Server: Authenticated path traversal enables file uploads anywhere on the server \u2014 RCE risk! Cloud not affected. Patch status unknown; check advisories. https://radar.offseq.com/threat/cve-2026-11419-cwe-22-improper-limitation-of-a-pat-2a74f312 #OffSe...", "creation_timestamp": "2026-06-06T04:30:29.776088Z"}, {"uuid": "b5d1795c-6091-42bb-ada9-9603369a5e93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11414", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnkztxyif42t", "content": "CVE-2026-11414 - Unauthenticated File Exfiltration in Altium Enterprise Server Vault Service via Hard-coded Cryptographic Key and Path Traversal\nCVE ID : CVE-2026-11414\n \n Published : June 5, 2026, 8:17 p.m. | 15\u00a0minutes ago\n \n Description : A hard-coded cryptographic key is u...", "creation_timestamp": "2026-06-05T21:00:38.158838Z"}, {"uuid": "d8e1f043-0589-4750-9d72-0b42c76f5416", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11416", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnlajcy3g72l", "content": "\ud83d\udfe0 CVE-2026-11416 - High (8.1)\n\nMoviePilot contains a path traversal vulnerability in the AliPan, U115, and Rclone cloud storage ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-11416/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-05T22:59:57.797749Z"}, {"uuid": "7b89c416-a00b-449c-ba5b-7746969bad3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11416", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3mnlajecvof2j", "content": "\ud83d\udfe0 CVE-2026-11416 - High (8.1)\n\nMoviePilot contains a path traversal vulnerability in the AliPan, U115, and Rclone clown storage ...\n\nhttps://www.themasherwire.com/vulnerability/CVE-2026-11416/\n\n#infosec #potatosecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-05T22:59:58.434706Z"}, {"uuid": "1e0285cb-371e-4c4b-8f72-0faebb0916c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11416", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnlcagfxah2g", "content": "CVE-2026-11416 - MoviePilot Path Traversal via Cloud Storage Download Handlers\nCVE ID : CVE-2026-11416\n \n Published : June 5, 2026, 10:16 p.m. | 57\u00a0minutes ago\n \n Description : MoviePilot contains a path traversal vulnerability in the AliPan, U115, and Rclone cloud storage dow...", "creation_timestamp": "2026-06-05T23:30:45.914792Z"}, {"uuid": "85d02fd1-bcc7-46c6-84eb-09b3dfa0b2d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11416", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mnlmftgkxj2b", "content": "MoviePilot\u306eAliPan\u7b49\u3067\u3001\u30d5\u30a1\u30a4\u30eb\u540d\u306b ../ \u3092\u542b\u3081\u308b\u3068\u3001\u8a2d\u5b9a\u5916\u306e\u4efb\u610f\u30d5\u30a1\u30a4\u30eb\u4e0a\u66f8\u304d\u306e\u6050\u308c\u304c\u3042\u308b\u3002\nCVE-2026-11416 CVSS 8.1 | HIGH", "creation_timestamp": "2026-06-06T02:32:44.793766Z"}, {"uuid": "eb2450d2-c6e5-4231-bf14-379a6162d786", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-1141", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mcr5fp7hk22r", "content": "", "creation_timestamp": "2026-01-19T07:43:06.118209Z"}, {"uuid": "ce32d2f7-780d-4c51-9003-cc74ec54e411", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11419", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnkzcm7lbt24", "content": "CVE-2026-11419 - Path Traversal in Altium Enterprise Server Vault UploadController Allows Arbitrary File Write\nCVE ID : CVE-2026-11419\n \n Published : June 5, 2026, 8:17 p.m. | 15\u00a0minutes ago\n \n Description : A path traversal vulnerability exists in the Altium Enterprise Server...", "creation_timestamp": "2026-06-05T20:50:55.492639Z"}, {"uuid": "805bb60e-d17c-4ed4-aa55-cd60608ff725", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11419", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116701280781825579", "content": "\ud83d\udea8 CRITICAL: CVE-2026-11419 in Altium Enterprise Server allows authenticated path traversal, enabling file writes anywhere on the server \u2014 RCE possible! Not affecting Altium 365 cloud. Monitor advisories for patches. https://radar.offseq.com/threat/cve-2026-11419-cwe-22-improper-limitation-of-a-pat-2a74f312 #OffSeq #Vuln #Altium", "creation_timestamp": "2026-06-06T04:30:42.640129Z"}, {"uuid": "d40e0c30-7662-4880-8253-00782cbeede0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11413", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116701664812182971", "content": "We have just added an important vulnerability affecting JingDong JD Cloud Box AX6600 (CVE-2026-11413) https://vuldb.com/vuln/368970", "creation_timestamp": "2026-06-06T06:08:07.166329Z"}, {"uuid": "87c866a2-d4b1-4da1-92c1-1805c6dc278b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11413", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnnuepdbju2a", "content": "HIGH severity buffer overflow found in JingDong JD Cloud Box AX6600 (4.5.3.r4546). No vendor response or fix \u2014 restrict network access and monitor for updates. https://radar.offseq.com/threat/cve-2026-11413-stack-based-buffer-overflow-in-jing-2be3fa19 #OffSeq #IoTSecurity #Vulnerability", "creation_timestamp": "2026-06-07T00:00:36.679472Z"}, {"uuid": "8b1db3b2-bb7d-4cd3-bdfb-e5c391ef9611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11414", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116702696330101939", "content": "\ud83d\udd12 CRITICAL: CVE-2026-11414 in Altium Enterprise Server \u2014 hard-coded keys + path traversal let unauth'd attackers access files & configs, risking full compromise. Restrict access, monitor for fixes. https://radar.offseq.com/threat/cve-2026-11414-cwe-798-use-of-hard-coded-credentia-ab72dad7 #OffSeq #Cybersecurity #CVE2026_11414", "creation_timestamp": "2026-06-06T10:30:27.202642Z"}, {"uuid": "25221057-6648-41d5-a176-8591aed71f29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11414", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnmh43cise2l", "content": "\ud83d\udea8 CRITICAL: Altium Enterprise Server flaw (CVE-2026-11414) allows unauth'd file theft via hard-coded keys & path traversal. Restrict access now & watch for patches. https://radar.offseq.com/threat/cve-2026-11414-cwe-798-use-of-hard-coded-credentia-ab72dad7 #OffSeq #Security #Vulnerability", "creation_timestamp": "2026-06-06T10:30:29.315991Z"}, {"uuid": "9eb4f7b5-86a7-464f-976c-2624efc0d621", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11412", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnmow7vypb2d", "content": "CVE-2026-11412 - Jinher OA GetFormSn.aspx sql injection\nCVE ID : CVE-2026-11412\n \n Published : June 6, 2026, 11:16 a.m. | 1\u00a0hour, 16\u00a0minutes ago\n \n Description : A weakness has been identified in Jinher OA C6. The affected element is an unknown function of the file /C6/JHSoft....", "creation_timestamp": "2026-06-06T12:50:21.872476Z"}, {"uuid": "382a4bc4-a5a9-4d77-a3a8-a77b65ef9673", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11411", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnmpi4r52i23", "content": "CVE-2026-11411 - iAI Lab PDF AI App chatpdf.pro getExternalCacheDir path traversal\nCVE ID : CVE-2026-11411\n \n Published : June 6, 2026, 11:16 a.m. | 1\u00a0hour, 16\u00a0minutes ago\n \n Description : A security flaw has been discovered in iAI Lab PDF AI App 4.21.0 on Android. Impacted is...", "creation_timestamp": "2026-06-06T13:00:22.525501Z"}, {"uuid": "4f3eca7b-3538-4b99-b930-e337ac45069d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11413", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnmxcogcry2s", "content": "CVE-2026-11413 - JingDong JD Cloud Box AX6600 jdcweb_rpc set_macfilter stack-based overflow\nCVE ID : CVE-2026-11413\n \n Published : June 6, 2026, 2:16 p.m. | 58\u00a0minutes ago\n \n Description : A security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. ...", "creation_timestamp": "2026-06-06T15:20:30.784191Z"}, {"uuid": "1bbb9157-eccd-46bb-b65a-189bbfbd5f95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11413", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mnmzqoho242i", "content": "JD Cloud Box AX6600 4.5.3.r4546\u306eset_macfilter\u95a2\u6570\u306b\u30b9\u30bf\u30c3\u30af\u30d0\u30c3\u30d5\u30a1\u30aa\u30fc\u30d0\u30fc\u30d5\u30ed\u30fc\u306e\u8106\u5f31\u6027\u3002\u30ea\u30e2\u30fc\u30c8\u304b\u3089\u306e\u653b\u6483\u304c\u53ef\u80fd\u3002\nCVE-2026-11413 CVSS 8.8 | HIGH", "creation_timestamp": "2026-06-06T16:04:07.016994Z"}, {"uuid": "1610457c-2394-47d6-b7c1-3f9bee874839", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11413", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnngweyb3t2b", "content": "\ud83d\udfe0 CVE-2026-11413 - High (8.8)\n\nA security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. The impac...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-11413/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-06T19:59:58.879044Z"}, {"uuid": "993c49ad-0e6e-4aee-9341-8ffd75348480", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11413", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116705881895179464", "content": "\u26a0\ufe0f HIGH severity: Stack-based buffer overflow in JingDong JD Cloud Box AX6600 v4.5.3.r4546 (CVE-2026-11413). Remote code execution possible. Vendor silent, no patch. Isolate devices & monitor for updates. https://radar.offseq.com/threat/cve-2026-11413-stack-based-buffer-overflow-in-jing-2be3fa19 #OffSeq #Vulnerability #IoTSecurity", "creation_timestamp": "2026-06-07T00:00:40.564318Z"}]}