{"vulnerability": "cve-2026-2876", "sightings": [{"uuid": "1eb9ef73-28b2-4bc6-9fbd-c3b6e86f810f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-28760", "type": "seen", "source": "https://jvn.jp/en/jp/JVN08057419/", "content": "", "creation_timestamp": "2026-03-26T03:00:15.000000Z"}, {"uuid": "8bed904b-a324-46c7-bae6-0030b189f57c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28769", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mg7te5ml3j27", "content": "", "creation_timestamp": "2026-03-04T08:08:46.424912Z"}, {"uuid": "8991ba76-12e8-431a-a065-e9d0b2d265b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2876", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mfl6f3rqqy2x", "content": "", "creation_timestamp": "2026-02-24T03:00:14.795469Z"}, {"uuid": "b10ee34b-a46e-4116-a188-19df5510f730", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28760", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mhxbxx7c5m22", "content": "", "creation_timestamp": "2026-03-26T09:26:48.589326Z"}, {"uuid": "f1866585-b3c7-46e8-863e-a9992052e21d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-28760", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mhxaivzd6k2y", "content": "", "creation_timestamp": "2026-03-26T09:00:30.853558Z"}, {"uuid": "d256b458-a646-4987-82e6-f5aa8345528b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-28760", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116294656216482224", "content": "", "creation_timestamp": "2026-03-26T09:00:31.309001Z"}, {"uuid": "6edf866e-2767-4a42-81db-f7927d930ba7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28760", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mhx2uv3j7o2p", "content": "", "creation_timestamp": "2026-03-26T07:19:50.747503Z"}, {"uuid": "204b29c8-3da7-4d6b-a008-66c8e74d8d4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28766", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mims662mkg2s", "content": "", "creation_timestamp": "2026-04-03T22:42:31.439594Z"}, {"uuid": "377097e8-dcbb-436d-9451-03cc65c780c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28766", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mindxidzlo2s", "content": "", "creation_timestamp": "2026-04-04T04:00:55.376315Z"}, {"uuid": "77f38bdd-a019-427f-a205-1f53b27fe9dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28767", "type": "published-proof-of-concept", "source": "Telegram/gRG1YNPgKTOZJrmhE4GIDK8JXBCMivinEoGiTEUHs5vhIFA", "content": "", "creation_timestamp": "2026-04-02T19:00:12.000000Z"}, {"uuid": "2fc641ad-e08d-4da2-9ce3-e9204664383d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28766", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mk46yinlfd25", "content": "", "creation_timestamp": "2026-04-22T19:07:08.117398Z"}, {"uuid": "ff3bcbe8-f3fe-403d-a319-404807c5fe44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28766", "type": "published-proof-of-concept", "source": "Telegram/O4LcqucU1LaZaaWyFLISymaCFCoMKyIZUhNwooAElOjim-8", "content": "", "creation_timestamp": "2026-04-07T09:00:04.000000Z"}, {"uuid": "2707e6b0-46d6-4664-8616-004f2292ba6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28767", "type": "published-proof-of-concept", "source": "Telegram/O4LcqucU1LaZaaWyFLISymaCFCoMKyIZUhNwooAElOjim-8", "content": "", "creation_timestamp": "2026-04-07T09:00:04.000000Z"}, {"uuid": "0792104d-7c84-426e-9579-3f199519d6df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28766", "type": "published-proof-of-concept", "source": "Telegram/Y6tkTwR3TbgbL_qd0XdHY3LGxaSf8SFw0ekLA3xjK-BPXbc", "content": "", "creation_timestamp": "2026-04-03T23:21:03.000000Z"}, {"uuid": "2056198a-f9c0-421c-983c-fbc30e458d43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28767", "type": "published-proof-of-concept", "source": "Telegram/xPemCocsCKUXmxN-FoOBBJ3iutE4pbP0FjqrQP2HmxHDku0", "content": "", "creation_timestamp": "2026-04-02T21:00:04.000000Z"}, {"uuid": "b354ce67-ca60-4d32-a6fb-709db9553136", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28767", "type": "seen", "source": "https://t.me/GithubRedTeam/78481", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a ICSA-26-055-03\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a MichaelAdamGroberman\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-02 15:58:52\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCISA Advisory ICSA-26-055-03 (Update A) \u2014 Gardyn Home Kit IoT Vulnerabilities \u2014 10 CVEs (CVE-2025-1242, CVE-2025-10681, CVE-2025-29628, CVE-2025-29629, CVE-2025-29631, CVE-2026-28766, CVE-2026-25197, CVE-2026-32646, CVE-2026-28767, CVE-2026-32662)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-02T16:00:04.000000Z"}, {"uuid": "c1e12109-cc19-432f-b529-bfc3ea279e81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28766", "type": "seen", "source": "https://t.me/GithubRedTeam/78512", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-28766\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a MichaelAdamGroberman\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 1  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-02 23:17:03\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-28766: Missing Authentication on User Account Endpoint \u2014 Gardyn Home Kit (ICSA-26-055-03)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-03T00:00:03.000000Z"}, {"uuid": "9b6d0cb3-9908-4da6-9f91-75e55b723727", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28767", "type": "seen", "source": "https://t.me/GithubRedTeam/78535", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-28767\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a MichaelAdamGroberman\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 1  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-03 01:58:42\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-28767: Missing Authentication on Admin Notifications Endpoint \u2014 Gardyn Home Kit (ICSA-26-055-03)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-03T02:00:03.000000Z"}, {"uuid": "889c0a42-1efb-4a02-a677-122526e18b4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28766", "type": "seen", "source": "https://t.me/GithubRedTeam/78481", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a ICSA-26-055-03\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a MichaelAdamGroberman\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-02 15:58:52\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCISA Advisory ICSA-26-055-03 (Update A) \u2014 Gardyn Home Kit IoT Vulnerabilities \u2014 10 CVEs (CVE-2025-1242, CVE-2025-10681, CVE-2025-29628, CVE-2025-29629, CVE-2025-29631, CVE-2026-28766, CVE-2026-25197, CVE-2026-32646, CVE-2026-28767, CVE-2026-32662)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-02T16:00:04.000000Z"}, {"uuid": "f7fd248b-8211-4bdb-b224-c34a1268a90b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28766", "type": "published-proof-of-concept", "source": "Telegram/xPemCocsCKUXmxN-FoOBBJ3iutE4pbP0FjqrQP2HmxHDku0", "content": "", "creation_timestamp": "2026-04-02T21:00:04.000000Z"}, {"uuid": "49cc6822-d279-4518-8ece-494db8d6b120", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28761", "type": "seen", "source": "https://bsky.app/profile/keiwork35.bsky.social/post/3mmyf6ju52422", "content": "\u3010\u8106\u5f31\u6027\u60c5\u5831\u3011 CVE-2026-28761 Musetheque\u00a0V4\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\n\nCVE-2026-28761\u306f\u3001Muse theque V4\u306b\u304a\u3051\u308b\u30af\u30ed\u30b9\u30b5\u30a4\u30c8\u30ea\u30af\u30a8\u30b9\u30c8\u30d5\u30a9\u30fc\u30b8\u30a7\u30ea\uff08CSRF\uff09\u8106\u5f31\u6027\u3067\u3059\u3002", "creation_timestamp": "2026-05-29T11:02:49.046260Z"}, {"uuid": "8cf5f85d-93ad-4f0e-bb67-27113b66b386", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-28761", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116577063954695291", "content": "\u26a0\ufe0f HIGH severity: CVE-2026-28761 impacts Fujitsu Musetheque V4 for IPKNOWLEDGE (\u2264V4L1 rev2203.0). CSRF flaw allows unwanted actions if logged-in users visit malicious pages. Patch status unknown. https://radar.offseq.com/threat/cve-2026-28761-cross-site-request-forgery-csrf-in--3c8966ad #OffSeq #CSRF #Fujitsu #Vuln", "creation_timestamp": "2026-05-15T06:00:30.050618Z"}, {"uuid": "63638165-76b2-4d97-b383-5a7e0a7a2f18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-28761", "type": "seen", "source": "https://jvn.jp/en/jp/JVN69128376", "content": "", "creation_timestamp": "2026-05-14T20:00:00.000000Z"}, {"uuid": "8c923b10-b4f9-4f84-98e8-afe5306fa307", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28764", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmeeolb5mt26", "content": "\ud83d\udfe0 CVE-2026-28764 - High (7.8)\n\nMediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-28764/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-21T12:00:39.292803Z"}, {"uuid": "a0b1296c-5aba-4650-8a36-03839b8eafb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28764", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmehfboenq2r", "content": "CVE-2026-28764 - MediaArea MediaInfoLib LXF Element Parsing Heap-Based Buffer Overflow Vulnerability\nCVE ID : CVE-2026-28764\n \n Published : May 21, 2026, 10:16 a.m. | 2\u00a0hours, 1\u00a0minute ago\n \n Description : MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow v...", "creation_timestamp": "2026-05-21T12:49:07.651717Z"}, {"uuid": "ecd1e2a7-5127-4cc8-92a4-da320a24a894", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28764", "type": "seen", "source": "https://infosec.place/objects/a700b469-c4b7-4bbc-874a-5b62f75fe095", "content": "New vulnerability report from Talos:MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerabilityhttps://talosintelligence.com/vulnerability_reports/TALOS-2026-2371CVE-2026-28764", "creation_timestamp": "2026-05-21T16:30:09.374952Z"}, {"uuid": "79613e4b-05f6-47b9-886c-cd0fa7813da8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28761", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mluss7f5tp2h", "content": "CVE-2026-28761 - Musetheque V4 Cross-Site Request Forgery (CSRF)\nCVE ID : CVE-2026-28761\n \n Published : May 15, 2026, 5:38 a.m. | 27\u00a0minutes ago\n \n Description : Cross-site request forgery vulnerability exists in Musetheque V4 Information Disclosure for IPKNOWLEDGE V4L1 rev220...", "creation_timestamp": "2026-05-15T07:32:54.938886Z"}, {"uuid": "e9fbec2a-d004-4a08-a748-63324eadd9db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28764", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mmtv5fsqu426", "content": "@talosintelligence.com\nFour heap-based buffer overflow flaws in MediaArea MediaInfoLib allow arbitrary code execution via malicious files.\n-\nIOCs: CVE-2026-25104, CVE-2026-25713, CVE-2026-28764\n-\n#MediaArea #ThreatIntel #Vulnerability", "creation_timestamp": "2026-05-27T16:05:12.542805Z"}]}