{"vulnerability": "cve-2026-1447", "sightings": [{"uuid": "1666a7d4-eebe-4782-acb3-cf21e9dac9f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-14474", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mq2i2pjj742r", "content": "SSSD, the Linux identity service, has a default flaw: one directory account can grant itself root on every enrolled server.\n\nAffects the LDAP/AD sudo provider with no search base set.\n\nFix: set ldap_sudo_search_base now. CVE-2026-14474", "creation_timestamp": "2026-07-07T11:15:22.671827Z"}, {"uuid": "78307054-2022-4f19-83ce-0dcad0f97c47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-14474", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq2igwm4s22b", "content": "CVE-2026-14474 - Sssd: sssd: sudo ldap provider searches entire directory tree for sudorole objects by default, enabling privilege escalation\nCVE ID : CVE-2026-14474\n \n Published : July 7, 2026, 10:16 a.m. | 58\u00a0minutes ago\n \n Description : A flaw was found in SSSD's LDAP sudo ...", "creation_timestamp": "2026-07-07T11:22:07.100584Z"}, {"uuid": "fc5f3aea-f4b3-4bef-92d5-8256ea26f498", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-14476", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq2iytgfgd2a", "content": "CVE-2026-14476 - Sssd: sssd: gpo cache path traversal via unsanitized gpcfilesyspath allows kerberos authentication bypass\nCVE ID : CVE-2026-14476\n \n Published : July 7, 2026, 10:16 a.m. | 58\u00a0minutes ago\n \n Description : A path traversal flaw was found in SSSD's AD GPO provide...", "creation_timestamp": "2026-07-07T11:32:06.860405Z"}, {"uuid": "2df6fc99-daf7-4502-8504-0379e835f2b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-14471", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3mqagj5ufaw2i", "content": "CVE-2026-14471 - Authenticated SQL injection in the metrics-service retention policy subsystem of mcp-gateway-registry #patchmanagement", "creation_timestamp": "2026-07-09T20:03:32.857716Z"}, {"uuid": "aabeebaa-958e-4c12-9bfe-e25e87c97dd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-14475", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqc4ksozb32a", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-14475 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 WPLP Cookie Consent: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 WordPress-\u0441\u0430\u0439\u0442\u043e\u0432\n\n\n\nhttps://kripta.biz/posts/F66BDA83-9122-466D-89C9-2CAE57147A88", "creation_timestamp": "2026-07-10T12:10:49.463236Z"}, {"uuid": "551c4210-5eae-4603-898e-3e56bcd43e0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-14475", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqcm7br7362s", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-14475 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 WPLP Cookie Consent: \u0443\u0433\u0440\u043e\u0437\u0430 \u0434\u043b\u044f \u0441\u0430\u0439\u0442\u043e\u0432 \u043d\u0430 WordPress\n\n\n\nhttps://kripta.biz/posts/323710BC-81C4-4ABA-890B-00D33ECC882F", "creation_timestamp": "2026-07-10T16:50:42.088128Z"}, {"uuid": "47e5cc8a-ff48-488e-8646-a6f68e4af12a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-14475", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqd2wo3qf72y", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-14475 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 WPLP Cookie Consent: \u0443\u0433\u0440\u043e\u0437\u0430 \u0434\u043b\u044f \u0441\u0430\u0439\u0442\u043e\u0432 \u043d\u0430 WordPress\n\n\n\nhttps://kripta.biz/posts/25E77CA1-62C7-41FC-86F8-62C33393F277", "creation_timestamp": "2026-07-10T21:14:19.034577Z"}]}