{"vulnerability": "cve-2026-24014", "sightings": [{"uuid": "33fd5114-ced9-4155-8285-dd45e32e4d8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24014", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mpysv577xg2h", "content": "CVE-2026-24014: Apache IoTDB: Path Traversal in DataNode Internal RPC Trigger JAR Upload Allows Arbitrary File Write", "creation_timestamp": "2026-07-06T19:23:40.724232Z"}, {"uuid": "f68fb8fb-3cd6-491d-bb35-00aabcb1b33c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24014", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mpywlvq6ic2e", "content": "CVE-2026-24014 - apache iotdb\nApache IoTDB allows an attacker to write files on the system if the internal RPC port is exposed to an untrusted network. This could lead to unauthorized data\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#apacheiotdb #apachefoundation #CVE #infosec", "creation_timestamp": "2026-07-06T20:30:08.486559Z"}, {"uuid": "f2c981f3-705c-4271-9ddf-e856b1eeb98c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24014", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mq4am2dxdh2f", "content": "\ud83d\udccc CVE-2026-24014 - Apache IoTDB DataNode\u2019s internal RPC interface for creating Trigger instances uses the uploaded Trigger JAR name to build a file path without sufficie... https://www.cyberhub.blog/cves/CVE-2026-24014", "creation_timestamp": "2026-07-08T04:07:07.286154Z"}]}