{"vulnerability": "cve-2026-4010", "sightings": [{"uuid": "315e15e8-be9c-450b-a71c-d7ac48437717", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40100", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mj5wcxli3b2m", "content": "", "creation_timestamp": "2026-04-10T18:12:06.503919Z"}, {"uuid": "4db61814-c800-448c-a2fc-7e54bbd9fa91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4010", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mgu2hxtogc2e", "content": "", "creation_timestamp": "2026-03-12T09:09:25.445631Z"}, {"uuid": "2d775888-861a-4fd2-bccf-1ec166164ca3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-4010", "type": "seen", "source": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-4010", "content": "", "creation_timestamp": "2026-03-12T07:16:11.000000Z"}, {"uuid": "3b0acdd2-399e-438e-b935-164522404460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40103", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mj5xqky2342m", "content": "", "creation_timestamp": "2026-04-10T18:37:33.468503Z"}, {"uuid": "5b0e719a-2c41-49c3-8b5f-8eed591a0cf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-40100", "type": "seen", "source": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-40100", "content": "", "creation_timestamp": "2026-04-10T08:17:12.000000Z"}, {"uuid": "7dfeb14d-8d9c-454e-9f77-1451b91282ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-40103", "type": "seen", "source": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-40103", "content": "", "creation_timestamp": "2026-04-10T08:17:13.000000Z"}, {"uuid": "677c3792-34b8-4e81-b77f-49a6db4f804d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40104", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mk6dpvrnvl2p", "content": "", "creation_timestamp": "2026-04-23T15:37:07.934252Z"}, {"uuid": "e2fb5389-2228-4887-b29c-a64dd8fb4ee8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40105", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mjizrlymz22o", "content": "", "creation_timestamp": "2026-04-15T04:13:12.492367Z"}, {"uuid": "dc2dc7df-c311-4b8a-8519-9616dbb1b6c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40104", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mjizz246yu2o", "content": "", "creation_timestamp": "2026-04-15T04:17:22.312167Z"}, {"uuid": "857d798e-e01a-42c3-96c9-c4c0a52410af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40107", "type": "published-proof-of-concept", "source": "Telegram/RnbO6h7rE-8F1e1uXIlS73R4kRuAIo63byQ11pUP09Fz6LA", "content": "", "creation_timestamp": "2026-04-09T23:29:26.000000Z"}, {"uuid": "bcc02d68-f630-48eb-8c9f-c961a0e54894", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40104", "type": "seen", "source": "Telegram/s117pb2GT3VwdfXaV13Oi8Gqr-ePRy_I5oBJZVU7ek3MbpQ", "content": "", "creation_timestamp": "2026-04-16T17:20:51.000000Z"}, {"uuid": "bd31d8d0-6afb-474c-a081-790516e53e9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40107", "type": "published-proof-of-concept", "source": "Telegram/nXzIQMx_PCOAGX3i8onWM2mwWKDsz1vr3NClJO_7twhRFOo", "content": "", "creation_timestamp": "2026-04-09T23:29:02.000000Z"}, {"uuid": "f77e327c-804b-43da-8e5b-69ce7e91845a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40105", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-40105.yaml", "content": "", "creation_timestamp": "2026-05-04T07:30:55.000000Z"}, {"uuid": "793abc76-d737-478c-8491-e72bf79d6ccf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-40103", "type": "published-proof-of-concept", "source": "https://github.com/go-vikunja/vikunja/security/advisories/GHSA-v479-vf79-mg83", "content": "", "creation_timestamp": "2026-04-09T21:44:09.000000Z"}, {"uuid": "29d4acd2-cd54-42df-9718-6b9383a7786a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40108", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mlblk4t3e52k", "content": "\ud83d\udd17 CVE : CVE-2026-32312, CVE-2026-40108, CVE-2026-42317, CVE-2026-42318, CVE-2026-42320, CVE-2026-42321, CVE-2026-5385", "creation_timestamp": "2026-05-07T16:00:14.791771Z"}, {"uuid": "7ed5b788-8ef7-40c9-bb63-0f7bb32765b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-40107", "type": "published-proof-of-concept", "source": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-w95v-4h65-j455", "content": "", "creation_timestamp": "2026-04-09T09:13:37.000000Z"}, {"uuid": "99443d10-b94d-4bfa-bfcf-e2913c8287e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40108", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mncq4nolce2y", "content": "\ud83d\udd17 CVE : CVE-2026-40108, CVE-2026-42318, CVE-2026-42321, CVE-2026-5385", "creation_timestamp": "2026-06-02T13:45:20.055756Z"}, {"uuid": "58b6db04-a700-4505-a2e7-f5563d0be799", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40108", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mne3oqqyoc2g", "content": "CVE-2026-40108 - GLPI Vulnerable to Stored XSS in ITIL Costs\nCVE ID : CVE-2026-40108\n \n Published : June 2, 2026, 11:16 p.m. | 3\u00a0hours, 16\u00a0minutes ago\n \n Description : GLPI is a free asset and IT management software package. In versions 11.0.0 through 11.0.6, a technician can ...", "creation_timestamp": "2026-06-03T02:44:52.061382Z"}, {"uuid": "8791b338-5e33-4409-9d0f-0799d05d50a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-40108", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mndxjolqxo2b", "content": "GLPI 11.0.0 \u2013 11.0.6 hit by HIGH severity XSS flaw. Techs can inject scripts in ITIL cost fields. Upgrade to 11.0.7 to secure your IT management stack. https://radar.offseq.com/threat/cve-2026-40108-cwe-79-improper-neutralization-of-i-b1d24331 #OffSeq #GLPI #XSS", "creation_timestamp": "2026-06-03T01:30:27.526962Z"}, {"uuid": "57f5ef68-7f2a-418e-8144-04cec1e62f5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-40108", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116683585947187436", "content": "\u26a0\ufe0f HIGH severity: CVE-2026-40108 impacts GLPI (11.0.0 \u2013 11.0.6). Privileged technicians can inject XSS via ITIL cost fields. Upgrade to 11.0.7 to fix. No active exploits, but patching is critical. https://radar.offseq.com/threat/cve-2026-40108-cwe-79-improper-neutralization-of-i-b1d24331 #OffSeq #CVE202640108 #XSS #GLPI", "creation_timestamp": "2026-06-03T01:30:35.110353Z"}]}