{"vulnerability": "cve-2026-4120", "sightings": [{"uuid": "26ef0d2e-ac8c-4871-ac98-6f55c391b45a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4120", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mhfm2hwnva2v", "content": "", "creation_timestamp": "2026-03-19T08:39:15.534292Z"}, {"uuid": "e0d986a2-2816-447d-97ea-1aa950e316e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41202", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlakynbolz2e", "content": "CVE-2026-41202 - ci4ms Backup::restore is vulnerable to Zip Slip leading to RCE\nCVE ID : CVE-2026-41202\n \n Published : May 7, 2026, 3:18 a.m. | 1\u00a0hour, 6\u00a0minutes ago\n \n Description : CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architec...", "creation_timestamp": "2026-05-07T06:17:48.384685Z"}, {"uuid": "cf8511c1-5297-4825-91ac-fa0288270474", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41208", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mkeksltovn2t", "content": "", "creation_timestamp": "2026-04-26T02:59:53.459136Z"}, {"uuid": "6af6f4f4-d390-4c28-afcc-7c3f52e46509", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41208", "type": "seen", "source": "Telegram/x9tyUe3u3o8RRyRxn4MyOTn6X2M4g6ykuZun_Uy8vPfx8ng", "content": "", "creation_timestamp": "2026-04-23T05:18:40.000000Z"}, {"uuid": "bf391dc7-60ba-4cd1-b1f5-6ee414a34057", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41200", "type": "seen", "source": "Telegram/x9tyUe3u3o8RRyRxn4MyOTn6X2M4g6ykuZun_Uy8vPfx8ng", "content": "", "creation_timestamp": "2026-04-23T05:18:40.000000Z"}, {"uuid": "077ff739-f46f-43ae-8dbb-9b5ac1d81293", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41200", "type": "seen", "source": "Telegram/IhwMCwgpZcPxUFPSjnDIjcwTT5eYvaw7of5mdJi-nepdGhw", "content": "", "creation_timestamp": "2026-05-02T07:00:14.000000Z"}, {"uuid": "69856525-ff6d-4ad1-b37b-701725a04a16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41205", "type": "seen", "source": "Telegram/vObnyALXsyXLFJkccB0eoKwgfsCPRSJ_aAgpRRcRjZAUW0s", "content": "", "creation_timestamp": "2026-04-23T21:25:56.000000Z"}, {"uuid": "bd1fbd73-ca32-46b7-8611-f98d7f2162e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41203", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlap2odhxt2o", "content": "Critical ci4ms path traversal \ud83d\udee1\ufe0f (pre-0.31.5.0): Authenticated users can upload ZIPs to write files anywhere, risking RCE. Upgrade to 0.31.5.0+ now! https://radar.offseq.com/threat/cve-2026-41203-cwe-22-improper-limitation-of-a-pat-c63ffac4 #OffSeq #RCE #PatchNow", "creation_timestamp": "2026-05-07T07:30:31.922745Z"}, {"uuid": "4067f22b-a36c-4e71-bb6f-cdbcc6262477", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41203", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlaj6f7qlo2k", "content": "CVE-2026-41203 - ci4ms Theme::upload is vulnerable to Zip Slip leading to RCE\nCVE ID : CVE-2026-41203\n \n Published : May 7, 2026, 3:19 a.m. | 1\u00a0hour, 5\u00a0minutes ago\n \n Description : CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architectu...", "creation_timestamp": "2026-05-07T05:45:13.498081Z"}, {"uuid": "9749e40b-da38-43f5-ba15-9dbb3d1d9e97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41203", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116532119400079005", "content": "\ud83d\udea8 CRITICAL: CVE-2026-41203 in ci4ms (<0.31.5.0) allows authenticated users to exploit a path traversal bug and write files anywhere \u2014 including web root \u2014 for potential RCE. Patch to 0.31.5.0 ASAP! https://radar.offseq.com/threat/cve-2026-41203-cwe-22-improper-limitation-of-a-pat-c63ffac4 #OffSeq #Vuln #RCE #PathTraversal", "creation_timestamp": "2026-05-07T07:30:41.075310Z"}, {"uuid": "9eadc5ee-b48b-4078-9e5b-cbeb755a9d4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41201", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlaphzcmwc2n", "content": "CVE-2026-41201 - CI4MS: Backup Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM Blind XSS Version 2\nCVE ID : CVE-2026-41201\n \n Published : May 7, 2026, 4:16 a.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : CI4MS is a CodeIgniter 4-based CMS sk...", "creation_timestamp": "2026-05-07T07:37:58.922971Z"}, {"uuid": "3ddf115b-c378-4c33-b62e-72a8906820d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41202", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116532473442667986", "content": "\ud83d\udd0e CVE-2026-41202: CRITICAL path traversal in ci4ms (<0.31.5.0) lets authenticated users upload ZIPs for remote code execution. Patch to 0.31.5.0 now! Details: https://radar.offseq.com/threat/cve-2026-41202-cwe-22-improper-limitation-of-a-pat-c7627c61 #OffSeq #infosec #CVE202641202 #vuln", "creation_timestamp": "2026-05-07T09:00:32.230146Z"}, {"uuid": "54249b5d-40c8-48ac-aa14-889f9640ec6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41202", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlau3oebzt2y", "content": "ci4ms (<0.31.5.0) faces CRITICAL path traversal (CVE-2026-41202). Authenticated users can trigger RCE via malicious ZIP restore. Upgrade to 0.31.5.0 ASAP! https://radar.offseq.com/threat/cve-2026-41202-cwe-22-improper-limitation-of-a-pat-c7627c61 #OffSeq #infosec #CVE202641202", "creation_timestamp": "2026-05-07T09:00:34.178931Z"}, {"uuid": "ae70cf94-ff98-49d8-80c7-8e230761f3cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41201", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116532827037914049", "content": "\u26a0\ufe0f CRITICAL XSS in ci4ms 0.31.4.0 (CVE-2026-41201): Stored DOM XSS via backup filename lets attackers fully take over accounts. Upgrade to 0.31.5.0 now! https://radar.offseq.com/threat/cve-2026-41201-cwe-79-improper-neutralization-of-i-fc417f58 #OffSeq #XSS #Vuln #InfoSec", "creation_timestamp": "2026-05-07T10:30:27.429403Z"}, {"uuid": "e3e04efa-3587-46ea-889c-58497f65a017", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41201", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlaz4hpvm32y", "content": "ci4ms 0.31.4.0 hit by CRITICAL XSS (CVSS 9.1) in backup module \u2014 attackers can hijack accounts. Upgrade to 0.31.5.0 now! https://radar.offseq.com/threat/cve-2026-41201-cwe-79-improper-neutralization-of-i-fc417f58 #OffSeq #XSS #PatchNow", "creation_timestamp": "2026-05-07T10:30:29.469421Z"}, {"uuid": "a9912da4-9c51-4090-a263-53db9c239552", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-41206", "type": "published-proof-of-concept", "source": "https://github.com/ParzivalHack/PySpector/security/advisories/GHSA-vp22-38m5-r39r", "content": "", "creation_timestamp": "2026-04-14T23:19:41.000000Z"}, {"uuid": "068f9f49-d5d9-40c3-b70e-81d9d5e14d77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41201", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mmc3hwnkmj2c", "content": "CVE-2026-41201 - Critical Stored DOM XSS in Ci4ms CMS. Full account takeover via malicious SQL file in backup module. CVSS 9.1. Update to v0.31.5.0 now. #CVE #Ci4ms #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-41201/", "creation_timestamp": "2026-05-20T14:10:32.626188Z"}, {"uuid": "4ccadfe8-ee65-42e9-bc60-11914b30dd6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-41208", "type": "published-proof-of-concept", "source": "https://github.com/paperclipai/paperclip/security/advisories/GHSA-265w-rf2w-cjh4", "content": "", "creation_timestamp": "2026-04-16T12:15:14.000000Z"}]}