{"vulnerability": "cve-2026-11860", "sightings": [{"uuid": "a53170a9-91b0-4906-af60-2b1957978d44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11860", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mod3ccvqf22h", "content": "OpenSolution Quick.CMS faces a HIGH severity deserialization flaw \u2014 admins using HTTP risk remote code execution. Upgrade to v6.8+ ASAP and avoid HTTP for admin access. https://radar.offseq.com/threat/cve-2026-11860-cwe-502-deserialization-of-untruste-3d43127c #OffSeq #security #patchnow", "creation_timestamp": "2026-06-15T10:30:27.285265Z"}, {"uuid": "89f11902-b754-4241-ab47-8ba8e1dc5839", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11860", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116753657025172840", "content": "\u26a0\ufe0f CVE-2026-11860 (HIGH): OpenSolution Quick.CMS vulnerable to deserialization of untrusted data over HTTP. Remote code execution possible if admin accesses panel. Upgrade to v6.8+ to enforce HTTPS and mitigate risk. https://radar.offseq.com/threat/cve-2026-11860-cwe-502-deserialization-of-untruste-3d43127c #OffSeq #infosec #vuln #php", "creation_timestamp": "2026-06-15T10:30:32.298314Z"}, {"uuid": "10954e3c-b3aa-4fde-a493-213258d9efb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11860", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3modaybnvpg2h", "content": "CVE-2026-11860 - Insecure Deserialisation via Plaintext HTTP leading to Remote Code Execution in Quick.CMS\nCVE ID : CVE-2026-11860\n \n Published : June 15, 2026, 10:16 a.m. | 1\u00a0hour, 25\u00a0minutes ago\n \n Description : Quick.CMS deserializes user-controlled data received over plain...", "creation_timestamp": "2026-06-15T12:12:12.544180Z"}, {"uuid": "beda8bc9-8f4f-488c-aaa3-7ec44c7d2124", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-11860", "type": "seen", "source": "https://cert.pl/en/posts/2026/06/CVE-2026-11860", "content": "", "creation_timestamp": "2026-06-15T03:55:00.000000Z"}]}