{"vulnerability": "cve-2026-40825", "sightings": [{"uuid": "a26cd386-c09e-4422-ab7f-54683f5fae9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-40825", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mmt5fyl4zu2m", "content": "SQL Injection alert: MB connect line mbCONNECT24 hit by HIGH severity vuln (CVE-2026-40825). No patch yet \u2014 restrict access &amp; watch for updates. https://radar.offseq.com/threat/cve-2026-40825-cwe-89-improper-neutralization-of-s-0b1fbf64 #OffSeq #SQLInjection #Security", "creation_timestamp": "2026-05-27T09:00:31.071044Z"}, {"uuid": "72d7a640-5435-4a5d-ad3b-d6c9a65a26ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-40825", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116645719441029051", "content": "\u26a0\ufe0f HIGH severity: CVE-2026-40825 in MB connect line mbCONNECT24. SQL Injection via accountstatus view devices param enables DB read/modify. No patch yet \u2014 restrict access &amp; monitor vendor advisories. https://radar.offseq.com/threat/cve-2026-40825-cwe-89-improper-neutralization-of-s-0b1fbf64 #OffSeq #SQLInjection #Vuln #MBconnect", "creation_timestamp": "2026-05-27T09:00:29.144333Z"}, {"uuid": "e2535d53-238c-4f02-91a1-e5338a125c91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40825", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/116645529147227087", "content": "#OT #Advisory VDE-2026-058Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual\nMultiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820\nhttps://certvde.com/en/advisories/vde-2026-058/\n#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json", "creation_timestamp": "2026-05-27T08:12:09.999432Z"}, {"uuid": "7edd6bb0-545b-4d6e-9597-bf4133ebfb03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40825", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/116645525736344350", "content": "#OT #Advisory VDE-2026-044MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24\nMultiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820\nhttps://certvde.com/en/advisories/vde-2026-044/\n#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json", "creation_timestamp": "2026-05-27T08:11:19.467679Z"}, {"uuid": "09ff5b84-7a54-4250-97e6-b9c25638f060", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40825", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmt5wchvu42i", "content": "CVE-2026-40825 - Authenticated SQLi in accountstatus view\nCVE ID : CVE-2026-40825\n \n Published : May 27, 2026, 8:16 a.m. | 15\u00a0minutes ago\n \n Description : A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view dev...", "creation_timestamp": "2026-05-27T09:09:37.955231Z"}]}