{"vulnerability": "cve-2026-1222", "sightings": [{"uuid": "f0ffd4a2-0b21-48d8-ad33-e99071abd0e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-1222", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mcto5rhcok2m", "content": "", "creation_timestamp": "2026-01-20T07:48:11.761082Z"}, {"uuid": "ebc97cc2-3495-4bf9-9d61-67fb7d592cbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-1222", "type": "seen", "source": "https://www.twcert.org.tw/en/cp-139-10643-2f8d7-2.html", "content": "", "creation_timestamp": "2026-01-20T06:08:00.000000Z"}, {"uuid": "857a65f4-5607-4c7a-acda-0e3aaf0df7d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12220", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mocpkfa5of2w", "content": "\ud83d\udfe0 CVE-2026-12220 - High (8)\n\nA vulnerability has been found in Yealink SIP-T46U 108.86.0.118. This affects the function mod_up...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-12220/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-15T07:00:14.183007Z"}, {"uuid": "bc0ad49a-163c-4017-97cc-2b38c53ecb3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12221", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116748855026545149", "content": "The severity is increased for this new vulnerability affecting Yealink SIP-T46U (CVE-2026-12221) https://vuldb.com/vuln/370864", "creation_timestamp": "2026-06-14T14:09:12.981478Z"}, {"uuid": "254ae388-3eb7-4585-9897-7ae3dab58bee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12222", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116748909958194636", "content": "We have just added an important vulnerability affecting Yealink SIP-T46U (CVE-2026-12222) https://vuldb.com/vuln/370865", "creation_timestamp": "2026-06-14T14:23:10.926171Z"}, {"uuid": "5cb51ded-533c-4c60-9359-4c38ea5102d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12221", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mocpkmlj2e2o", "content": "\ud83d\udfe0 CVE-2026-12221 - High (8)\n\nA vulnerability was found in Yealink SIP-T46U 108.86.0.118. This impacts the function sprintf of ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-12221/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-15T07:00:21.446137Z"}, {"uuid": "0bac874d-038e-4ea2-8110-990cda7e8fb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12222", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mocpktp47b26", "content": "\ud83d\udfe0 CVE-2026-12222 - High (8)\n\nA vulnerability was determined in Yealink SIP-T46U 108.86.0.118. Affected is the function mod_web...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-12222/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-15T07:00:28.829184Z"}, {"uuid": "5b3eb47f-2fa3-4329-af2c-2abaf7c164f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-12222", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116752949593372358", "content": "Yealink SIP-T46U v108.86.0.118 hit by HIGH-severity stack-based buffer overflow (CVE-2026-12222). Exploitable via local network \u2014 no patch, vendor unresponsive. Restrict access & monitor. https://radar.offseq.com/threat/cve-2026-12222-stack-based-buffer-overflow-in-yeal-f1394c98 #OffSeq #Yealink #VoIP #Vuln", "creation_timestamp": "2026-06-15T07:30:32.633645Z"}, {"uuid": "399c22dd-c559-433a-991f-c230bc7ac439", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-12222", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mocramggko2a", "content": "Yealink SIP-T46U (v108.86.0.118) faces HIGH-severity stack buffer overflow \u2014 no fix yet. Limit local network access & monitor for threats. Vendor hasn\u2019t responded. https://radar.offseq.com/threat/cve-2026-12222-stack-based-buffer-overflow-in-yeal-f1394c98 #OffSeq #Yealink #Vulnerability", "creation_timestamp": "2026-06-15T07:30:32.868888Z"}, {"uuid": "8689b079-0dc7-4bc7-a76d-ab00149bdd88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12222", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mocse4yapw2h", "content": "CVE-2026-12222 - Yealink SIP-T46U Web FastCGI Service bttest mod_webd.BlueToothTest stack-based overflow\nCVE ID : CVE-2026-12222\n \n Published : June 15, 2026, 6:16 a.m. | 1\u00a0hour, 25\u00a0minutes ago\n \n Description : A vulnerability was determined in Yealink SIP-T46U 108.86.0.118. A...", "creation_timestamp": "2026-06-15T07:50:41.467270Z"}, {"uuid": "77715eef-5439-46e9-a9a1-48ac89b05b06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12221", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3moczlum32k2d", "content": "# Daily IT Security Digest \u2013 2026-06-15\n=== IT Security Data Collection \u2014 2026-06-15 ===\n\n--- #infosec (5 posts) ---\n@offseq@infosec.exchange: \ud83d\udd0e CVE-2026-12221: HIGH severity stack-based buffer overflow in Yealink SIP-T46U (108.86.0.118). Exploitable via local network \u2014 potential code execution or", "creation_timestamp": "2026-06-15T09:59:59.744901Z"}, {"uuid": "ea694762-4ba2-4858-8a0e-08996da4f7fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12221", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moct5visew2b", "content": "CVE-2026-12221 - Yealink SIP-T46U Firmware Chunk Upload upgrade sprintf stack-based overflow\nCVE ID : CVE-2026-12221\n \n Published : June 15, 2026, 6:16 a.m. | 1\u00a0hour, 25\u00a0minutes ago\n \n Description : A vulnerability was found in Yealink SIP-T46U 108.86.0.118. This impacts the f...", "creation_timestamp": "2026-06-15T08:04:48.533785Z"}, {"uuid": "db35b453-e11e-4058-b348-12515b4c5bd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12220", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moctguavyj2e", "content": "CVE-2026-12220 - Yealink SIP-T46U Firmware Chunk Upload handler accupgradebychunk mod_upgrade.SparePartsUpload stack-based overflow\nCVE ID : CVE-2026-12220\n \n Published : June 15, 2026, 6:16 a.m. | 1\u00a0hour, 25\u00a0minutes ago\n \n Description : A vulnerability has been found in Yeali...", "creation_timestamp": "2026-06-15T08:09:49.371607Z"}, {"uuid": "f55a67a7-51f1-44bd-ae51-d528d82a1082", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12223", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mocukowlju2p", "content": "CVE-2026-12223 - Yealink SIP-T46U Web FastCGI Service tftpuploadiperf mod_webd.TFTPUploadIperf command injection\nCVE ID : CVE-2026-12223\n \n Published : June 15, 2026, 6:16 a.m. | 1\u00a0hour, 25\u00a0minutes ago\n \n Description : A vulnerability was identified in Yealink SIP-T46U 108.86....", "creation_timestamp": "2026-06-15T08:30:12.967781Z"}, {"uuid": "93533d99-4834-4e31-92df-928c55b39249", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12221", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mod2m5kovl26", "content": "CVE-2026-12221:", "creation_timestamp": "2026-06-15T10:18:06.669820Z"}, {"uuid": "d7d7453e-6a51-461d-a68b-dfbf7aabd918", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-12221", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mocwbh6jag2l", "content": "Yealink SIP-T46U (ver. 108.86.0.118) hit by HIGH severity stack buffer overflow. Local network attackers could execute code or crash device. No patch \u2014 limit access & watch for updates. https://radar.offseq.com/threat/cve-2026-12221-stack-based-buffer-overflow-in-yeal-97330930 #OffSeq #VoIP", "creation_timestamp": "2026-06-15T09:00:33.962611Z"}, {"uuid": "6641de5c-d260-4784-bbe9-c488cae28487", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-12221", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116753303263866173", "content": "\ud83d\udd0e CVE-2026-12221: HIGH severity stack-based buffer overflow in Yealink SIP-T46U (108.86.0.118). Exploitable via local network \u2014 potential code execution or DoS. No fix yet; restrict device access & monitor updates. https://radar.offseq.com/threat/cve-2026-12221-stack-based-buffer-overflow-in-yeal-97330930 #OffSeq #VoIP #Infosec", "creation_timestamp": "2026-06-15T09:00:37.453492Z"}, {"uuid": "f9ca4fac-a3a3-413c-bdde-9f49a1e6f0ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12221", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mocza5ns2v2u", "content": "CVE-2026-12221:", "creation_timestamp": "2026-06-15T09:53:26.803464Z"}, {"uuid": "cabe4334-0cc0-49cb-aa5c-20c297628398", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12221", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mocza5ovnq26", "content": "CVE-2026-12221:", "creation_timestamp": "2026-06-15T09:53:27.349046Z"}, {"uuid": "1e28cc32-335a-4a43-9e90-f3da8599867c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12221", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3moczlpepmr2x", "content": "CVE-2026-12221:", "creation_timestamp": "2026-06-15T09:59:54.461240Z"}, {"uuid": "459a7597-09cf-4350-9630-31019fe14195", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12221", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3moeqyf377y2r", "content": "Top 3 CVE for last 7 days:\nCVE-2026-35273: 57 interactions\nCVE-2026-11645: 30 interactions\nCVE-2025-10263: 25 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-39987: 18 interactions\nCVE-2026-0257: 7 interactions\nCVE-2026-12221: 6 interactions\n", "creation_timestamp": "2026-06-16T02:31:16.968863Z"}, {"uuid": "00a38f74-476d-4669-9827-c7c9b28698c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12225", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mofvwytyu62f", "content": "CVE-2026-12225 - syracom Secure Login (2FA) for Confluence allows 2FA bypass via spoofed User-Agent\nCVE ID : CVE-2026-12225\n \n Published : June 16, 2026, 12:16 p.m. | 52\u00a0minutes ago\n \n Description : syracom AG Secure Login (2FA) for Atlassian Jira, Confluence, and Bitbucket 3....", "creation_timestamp": "2026-06-16T13:32:37.805515Z"}]}