{"vulnerability": "cve-2026-1200", "sightings": [{"uuid": "dab54fac-cc22-4092-bdba-f0cbe92561bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-12007", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities_20260612", "content": "", "creation_timestamp": "2026-06-11T18:00:00.000000Z"}, {"uuid": "1afb32e9-1481-48cc-865b-ec97fe96ac21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-12008", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities_20260612", "content": "", "creation_timestamp": "2026-06-11T18:00:00.000000Z"}, {"uuid": "d1f27f0c-d932-4556-8678-bd884b4a4101", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-12009", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities_20260612", "content": "", "creation_timestamp": "2026-06-11T18:00:00.000000Z"}, {"uuid": "9a5530da-8455-4aa1-b0c3-3e5d7f3010dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12008", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mo3vnfrluu24", "content": "\ud83d\udfe0 CVE-2026-12008 - High (8.3)\n\nUse after free in DigitalCredentials in Google Chrome prior to 149.0.7827.115 allowed a remote at...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-12008/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-12T14:00:38.828111Z"}, {"uuid": "21285b97-8b81-4bff-b602-8657dcf62954", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12009", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mo3vnmhke324", "content": "\ud83d\udfe0 CVE-2026-12009 - High (8.3)\n\nInsufficient validation of untrusted input in Accessibility in Google Chrome on Mac prior to 149....\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-12009/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-12T14:00:46.122273Z"}, {"uuid": "a49d2b02-a973-4990-9c0e-039e2b25cf13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12007", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moawl7wpjz22", "content": "\ud83d\udfe0 CVE-2026-12007 - High (8.8)\n\nUse after free in Core in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attac...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-12007/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-14T14:00:38.429152Z"}, {"uuid": "5f8c81ec-e2e3-49c5-bd3c-1fc76a9ef9f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-12007", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities_20260616", "content": "", "creation_timestamp": "2026-06-15T18:00:00.000000Z"}, {"uuid": "76c29a88-d7ff-434f-8441-264a2a0cecb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-12008", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities_20260616", "content": "", "creation_timestamp": "2026-06-15T18:00:00.000000Z"}, {"uuid": "63f3008f-097b-4d2a-ba49-b69175c815b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-12009", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities_20260616", "content": "", "creation_timestamp": "2026-06-15T18:00:00.000000Z"}, {"uuid": "0bfd8916-6bca-427f-9af3-f365cb28c3f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-12007", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1921", "content": "", "creation_timestamp": "2026-06-15T21:00:00.000000Z"}, {"uuid": "238285c8-1bab-4c3f-9b04-680ad2072567", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12003", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mogdvv6nl72p", "content": "[oss-security][CVE-2026-12003] CPython In-tree (development) search paths can be enabled without modifying install directory", "creation_timestamp": "2026-06-16T17:42:32.691785Z"}, {"uuid": "afadf0d0-f58f-4ef6-ad0c-a765a8c2e1fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12003", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogh75ee632m", "content": "CVE-2026-12003 - CPython &gt;3.11 Insecure Input Validation resulting in privilege escalation\nCVE ID : CVE-2026-12003\n \n Published : June 16, 2026, 5:16 p.m. | 15\u00a0minutes ago\n \n Description : To allow builds of Python to be run from an in-tree layout (rather than\nan installed fil...", "creation_timestamp": "2026-06-16T18:41:26.870563Z"}, {"uuid": "b7059742-7089-4f6e-83c4-b62d250d2a3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12003", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3moisqvs4mz2g", "content": "CVE-2026-12003, from Jake Yamaki of Bishop Fox: CPython uses VPATH and a Modules/setup.local landmark to find in-tree builds, so a low-privilege Windows user can create that path outside the install dir and inject libraries. CVSSv4 5.3. Should release builds ever look for landmarks? #Python", "creation_timestamp": "2026-06-17T17:13:31.307084Z"}, {"uuid": "069b3e2b-d49e-4f10-b9a6-b071707ea2df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12003", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3moivkbiuej2p", "content": "CVE-2026-12003 hits Windows Python users across 3.11.15, 3.12.13, 3.13.14, 3.14.6, 3.15.0b2 and earlier: a low-privilege account can inject library folders through a path CPython uses to detect in-tree builds. CVSSv4 5.3. How many Python versions are on your Windows machines? #Python", "creation_timestamp": "2026-06-17T18:03:29.710510Z"}, {"uuid": "ba3ddeff-8bbc-490f-8a1f-2a7eb2a779af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-12007", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1920", "content": "", "creation_timestamp": "2026-06-11T21:00:00.000000Z"}, {"uuid": "b55abfa5-d5d7-4acb-87e4-9ccb0954170b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12003", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mouymle4i52s", "content": "\ud83d\udd17 CVE : CVE-2026-12003", "creation_timestamp": "2026-06-22T13:30:25.214772Z"}, {"uuid": "ca1717ab-edf6-43a8-b02c-5210c6212c4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12007", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mpwep2brlk25", "content": "\u300cChrome\u300d\u306b\u4eca\u90312\u5ea6\u76ee\u306e\u30bb\u30ad\u30e5\u66f4\u65b0 - \u8106\u5f31\u602728\u4ef6\u3092\u4fee\u6b63\n\nGoogle\u306f\u73fe\u5730\u6642\u95932026\u5e746\u670811\u65e5\u3001\u30c7\u30b9\u30af\u30c8\u30c3\u30d7\u5411\u3051\u300cChrome\u300d\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3092\u30ea\u30ea\u30fc\u30b9\u3057\u305f\u3002\u540c\u67088\u65e5\u306e\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u306b\u7d9a\u304f\u4eca\u90312\u5ea6\u76ee\u306e\u66f4\u65b0\u3067\u3001\u6df1\u523b\u306a\u8106\u5f31\u6027\u306b\u3082\u5bfe\u51e6\u3057\u3066\u3044\u308b\u3002\n\n...\n\n\u91cd\u8981\u5ea6\u304c\u3082\u3063\u3068\u3082\u9ad8\u3044\u300cCritical\u300d\u3068\u3055\u308c\u305f\u306e\u306f5\u4ef6\u3002\u30b3\u30a2\u90e8\u5206\u306b\u5224\u660e\u3057\u305f\u300cCVE-2026-12007\u300d\u3092\u306f\u3058\u3081\u3001\u300cDigitalCredentials\u300d\u306b\u95a2\u3059\u308b\u300cCVE-2026-12008\u300d\u3001\u300cWebMIDI\u300d\u306b\u304a\u3051\u308b\u300cCVE-2026-12011\u300d\u306a\u3069\u3001\u89e3\u653e\u3057\u305f\u30e1\u30e2\u30ea\u3092\u4f7f\u7528\u3059\u308b\u3044\u308f\u3086\u308b\u300cUse After...", "creation_timestamp": "2026-07-05T20:04:26.082160Z"}, {"uuid": "1a98df11-4786-4ba4-a54f-ee2ec149daf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12008", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mpwep2brlk25", "content": "\u300cChrome\u300d\u306b\u4eca\u90312\u5ea6\u76ee\u306e\u30bb\u30ad\u30e5\u66f4\u65b0 - \u8106\u5f31\u602728\u4ef6\u3092\u4fee\u6b63\n\nGoogle\u306f\u73fe\u5730\u6642\u95932026\u5e746\u670811\u65e5\u3001\u30c7\u30b9\u30af\u30c8\u30c3\u30d7\u5411\u3051\u300cChrome\u300d\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3092\u30ea\u30ea\u30fc\u30b9\u3057\u305f\u3002\u540c\u67088\u65e5\u306e\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u306b\u7d9a\u304f\u4eca\u90312\u5ea6\u76ee\u306e\u66f4\u65b0\u3067\u3001\u6df1\u523b\u306a\u8106\u5f31\u6027\u306b\u3082\u5bfe\u51e6\u3057\u3066\u3044\u308b\u3002\n\n...\n\n\u91cd\u8981\u5ea6\u304c\u3082\u3063\u3068\u3082\u9ad8\u3044\u300cCritical\u300d\u3068\u3055\u308c\u305f\u306e\u306f5\u4ef6\u3002\u30b3\u30a2\u90e8\u5206\u306b\u5224\u660e\u3057\u305f\u300cCVE-2026-12007\u300d\u3092\u306f\u3058\u3081\u3001\u300cDigitalCredentials\u300d\u306b\u95a2\u3059\u308b\u300cCVE-2026-12008\u300d\u3001\u300cWebMIDI\u300d\u306b\u304a\u3051\u308b\u300cCVE-2026-12011\u300d\u306a\u3069\u3001\u89e3\u653e\u3057\u305f\u30e1\u30e2\u30ea\u3092\u4f7f\u7528\u3059\u308b\u3044\u308f\u3086\u308b\u300cUse After...", "creation_timestamp": "2026-07-05T20:04:26.143807Z"}, {"uuid": "31865685-d3fc-4585-8f4c-5e939c61094a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12002", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3mq5mov46i522", "content": "CVE-2026-12002 instagram-feed (CVSS Score 4.7) \n\n#WordPress plugin #vulnerability #cybersecurity #wordpressfirewall #hacking #wpsecurity #atomicedge #cybersecurity #malware #vulnerabilityresearch #cve #redteam #proofofconcept", "creation_timestamp": "2026-07-08T17:16:07.180454Z"}]}