{"vulnerability": "cve-2026-2560", "sightings": [{"uuid": "1c9152ed-d641-4b36-981c-7fda4daf7662", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-25605", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-04", "content": "", "creation_timestamp": "2026-03-17T12:00:00.000000Z"}, {"uuid": "c4b2ea71-b79f-4ec4-a3e4-ef6546cc902e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-25605", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0255/", "content": "", "creation_timestamp": "2026-03-10T00:00:00.000000Z"}, {"uuid": "1e70a2c4-b60c-402f-a348-d360ed9c26e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25601", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3migzt6t6dh2d", "content": "", "creation_timestamp": "2026-04-01T15:43:34.731204Z"}, {"uuid": "16e57afa-232e-4a25-9df4-497b249c79bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25604", "type": "published-proof-of-concept", "source": "Telegram/UcOXFA8nSOttq6tnEv5GYCOJTlyoQN894TbAmd-Usu-nlPU", "content": "", "creation_timestamp": "2026-04-22T15:00:07.000000Z"}, {"uuid": "d760fc24-8e37-4417-965f-255c593592e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-25606", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116617761811334726", "content": "STER (Centralny Instytut Ochrony Pracy) faces a HIGH severity SQL Injection (CVE-2026-25606, CVSS 8.7). Authenticated attackers can access sensitive data via search filters. Patch by upgrading to v9.5. \ud83d\udee1\ufe0f https://radar.offseq.com/threat/cve-2026-25606-cwe-89-improper-neutralization-of-s-41b4f04f #OffSeq #SQLInjection #Vuln #Infosec", "creation_timestamp": "2026-05-22T10:30:29.600059Z"}, {"uuid": "91607148-defd-48b8-9d42-fb110a67c7ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-25606", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mmgq4dhyyh2o", "content": "HIGH severity SQL Injection in STER (CIOP-PIB)! Authenticated users can access sensitive data. Fix: upgrade to v9.5 ASAP. \ud83d\udd12 https://radar.offseq.com/threat/cve-2026-25606-cwe-89-improper-neutralization-of-s-41b4f04f #OffSeq #SQLInjection #Security", "creation_timestamp": "2026-05-22T10:30:31.184147Z"}, {"uuid": "c583e31b-30da-469b-a77f-1836e5321283", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25606", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmgqtymixw2i", "content": "CVE-2026-25606 - SQL Injection in STER\nCVE ID : CVE-2026-25606\n \n Published : May 22, 2026, 9:14 a.m. | 1\u00a0hour, 7\u00a0minutes ago\n \n Description : A SQL injection vulnerability has been identified in STER. Improper neutralization of input provided by user into multiple Search Filt...", "creation_timestamp": "2026-05-22T10:43:44.641414Z"}, {"uuid": "88463fe8-25d1-485d-a538-28c15964c358", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25607", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmgybe5ykk2p", "content": "CVE-2026-25607 - Weak password encoding in STER\nCVE ID : CVE-2026-25607\n \n Published : May 22, 2026, 10:16 a.m. | 2\u00a0hours, 3\u00a0minutes ago\n \n Description : Use of a weak password encoding algorithm in STER software allows the value of the password to be guessed after analyzing h...", "creation_timestamp": "2026-05-22T12:56:29.127402Z"}, {"uuid": "643a756d-a3e1-4609-8b6e-9006d6a4c187", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-25606", "type": "seen", "source": "https://cert.pl/en/posts/2026/05/CVE-2026-25606", "content": "", "creation_timestamp": "2026-05-22T03:55:00.000000Z"}, {"uuid": "d79fd5d5-87f4-49e2-941a-a5b4d72513ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-25608", "type": "seen", "source": "https://cert.pl/en/posts/2026/05/CVE-2026-25606", "content": "", "creation_timestamp": "2026-05-22T03:55:00.000000Z"}, {"uuid": "c602b720-9f76-4551-8f48-34602bd382fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25608", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmgzrv4iaa2e", "content": "CVE-2026-25608 - Lack of traffic encryption in STER\nCVE ID : CVE-2026-25608\n \n Published : May 22, 2026, 10:16 a.m. | 2\u00a0hours, 3\u00a0minutes ago\n \n Description : STER uses unencrypted TCP traffic to transmit data over the network. It allows an attacker to\u00a0conduct a Man-In-The-Midd...", "creation_timestamp": "2026-05-22T13:23:37.563676Z"}, {"uuid": "32ab2ee7-0b0f-496b-a0a4-d57cd0dca9ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-25607", "type": "seen", "source": "https://cert.pl/en/posts/2026/05/CVE-2026-25606", "content": "", "creation_timestamp": "2026-05-22T03:55:00.000000Z"}, {"uuid": "cee1a12f-eb4c-4670-803f-c79b91a8c380", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25600", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mna53iop2j2j", "content": "CVE-2026-25600 - Credential Exposure Vulnerability in Trac PDBM\nCVE ID : CVE-2026-25600\n \n Published : June 1, 2026, 11:16 a.m. | 1\u00a0hour, 16\u00a0minutes ago\n \n Description : The PDBM application relies on a static, hard\u2011coded secret embedded \nin the PDBM.exe executable. This secre...", "creation_timestamp": "2026-06-01T12:59:14.591475Z"}]}