{"vulnerability": "cve-2026-1142", "sightings": [{"uuid": "e3ae5585-28ef-4776-a582-0d50995f342d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-1142", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mcr5oonzdr2v", "content": "", "creation_timestamp": "2026-01-19T07:48:06.351530Z"}, {"uuid": "22d8c111-cd66-45b7-b5e1-5d9805113269", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11420", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnkzghaetw27", "content": "CVE-2026-11420 - Path Traversal in Altium Enterprise Server NIS Allows Unauthenticated Arbitrary File Write and File Read\nCVE ID : CVE-2026-11420\n \n Published : June 5, 2026, 8:17 p.m. | 15\u00a0minutes ago\n \n Description : Two path traversal vulnerabilities in the Network Installa...", "creation_timestamp": "2026-06-05T20:53:04.530882Z"}, {"uuid": "9c0ada20-1a81-4f85-a7df-791e1b6faadb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11423", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnlbmptl6w2o", "content": "CVE-2026-11423 - Path Traversal in Altium Enterprise Server Collaboration Service Allows Privilege Escalation\nCVE ID : CVE-2026-11423\n \n Published : June 5, 2026, 9:16 p.m. | 1\u00a0hour, 58\u00a0minutes ago\n \n Description : A path traversal vulnerability exists in the Altium Enterprise...", "creation_timestamp": "2026-06-05T23:19:44.891852Z"}, {"uuid": "70166383-8aa7-44d4-9b3f-7c31d31a079c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11422", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnlbojk7yw22", "content": "CVE-2026-11422 - Markdown Preview Enhanced 0.8.x Code Injection via WaveDrom Rendering\nCVE ID : CVE-2026-11422\n \n Published : June 5, 2026, 9:16 p.m. | 1\u00a0hour, 58\u00a0minutes ago\n \n Description : Markdown Preview Enhanced 0.8.x with crossnote engine 0.9.28 contains a code injectio...", "creation_timestamp": "2026-06-05T23:20:45.326630Z"}, {"uuid": "3cefb206-fb16-455f-8ac1-4516be795d81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11429", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnlbxhyq522a", "content": "CVE-2026-11429 - Path Traversal in Altium Git Service Allows Remote Code Execution\nCVE ID : CVE-2026-11429\n \n Published : June 5, 2026, 10:16 p.m. | 57\u00a0minutes ago\n \n Description : A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise S...", "creation_timestamp": "2026-06-05T23:25:45.600632Z"}, {"uuid": "f34ede28-3357-4832-871e-067041da61ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11424", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnlcjfbp5z27", "content": "CVE-2026-11424 - Server-Side Request Forgery in Altium Platform Design GraphQL Service Allows Information Disclosure\nCVE ID : CVE-2026-11424\n \n Published : June 5, 2026, 10:16 p.m. | 57\u00a0minutes ago\n \n Description : A server-side request forgery (SSRF) vulnerability exists in a...", "creation_timestamp": "2026-06-05T23:35:46.754569Z"}, {"uuid": "8f9d1b87-d7d4-4daa-8c79-a5a6acd694be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11429", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnldvvpv6p2k", "content": "CRITICAL: Path traversal in Altium Enterprise Server & 365 (CVE-2026-11429) enables remote code execution for authenticated users. Patch to v8.1.1 or confirm 365 remediation now! https://radar.offseq.com/threat/cve-2026-11429-cwe-22-improper-limitation-of-a-pat-32167f3d #OffSeq #Vulnerability #Al...", "creation_timestamp": "2026-06-06T00:00:40.728167Z"}, {"uuid": "b6ac98f1-45b9-40e6-951d-6652e2574821", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11429", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116700219846810318", "content": "\ud83d\udea8 CVE-2026-11429 (CRITICAL, CVSS 9.4): Path traversal in Altium Enterprise Server & Altium 365 Git Service lets authenticated users move files & trigger RCE. Patch to v8.1.1 or confirm 365 remediation! https://radar.offseq.com/threat/cve-2026-11429-cwe-22-improper-limitation-of-a-pat-32167f3d #OffSeq #Vuln #Altium #RCE", "creation_timestamp": "2026-06-06T00:00:41.269516Z"}, {"uuid": "d66c2796-4184-479e-9478-1e5db0f843c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11423", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnliwg7vgh2b", "content": "CRITICAL: Authenticated users can exploit a path traversal bug in Altium Enterprise Server to access sensitive files, risking full server takeover. Restrict access & monitor activity until patched. Altium 365 cloud not affected. https://radar.offseq.com/threat/cve-2026-11423-cwe-22-improper-limit...", "creation_timestamp": "2026-06-06T01:30:26.803157Z"}, {"uuid": "9acd01f9-76c1-4646-a08d-dc81a19dcd60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11423", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116700572823824582", "content": "\ud83d\udea8 CRITICAL: CVE-2026-11423 in Altium Enterprise Server lets authenticated users exploit path traversal to read sensitive files (e.g., config with admin creds). No patch yet \u2014 restrict access & monitor file downloads. Altium 365 cloud is safe. https://radar.offseq.com/threat/cve-2026-11423-cwe-22-improper-limitation-of-a-pat-6355aecc #OffSeq #CVE202611423 #infosec", "creation_timestamp": "2026-06-06T01:30:33.581170Z"}, {"uuid": "f400ad6e-bed9-4fe1-96cf-cfef7d993988", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11420", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116700926764613870", "content": "\ud83d\udd34 CRITICAL: Altium Enterprise Server (NIS) path traversal (CVE-2026-11420, CVSS 10) lets unauth'd attackers write/read files, leading to RCE risk. Restrict access; monitor for vendor patches. Altium 365 not affected. https://radar.offseq.com/threat/cve-2026-11420-cwe-22-improper-limitation-of-a-pat-24b2eaa0 #OffSeq #vuln #infosec #CVE202611420", "creation_timestamp": "2026-06-06T03:00:41.020544Z"}, {"uuid": "7a1c2de3-265d-4a8c-9f88-c96bfc91f033", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11420", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnlnxeyhpo2f", "content": "Altium Enterprise Server faces CRITICAL path traversal (CVSS 10). Unauth'd attackers can write/read files, risking RCE. Restrict NIS access & watch for patches. Cloud not affected. https://radar.offseq.com/threat/cve-2026-11420-cwe-22-improper-limitation-of-a-pat-24b2eaa0 #OffSeq #security #CVE20...", "creation_timestamp": "2026-06-06T03:00:44.507401Z"}, {"uuid": "b4dad5f6-9f02-4780-aa5a-0829ef54539c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11420", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motx5v4qxl2b", "content": "\ud83d\udea8  ALERT: CVE-2026-11420\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nTwo path traversal vulnerabilities in the Network Installation Service (NIS) of Altium Enterprise Server allow an unauthenticated network attacker to write arbitrary files to any writable location on the server filesystem and to read package archi", "creation_timestamp": "2026-06-22T03:31:38.599603Z"}]}