{"vulnerability": "cve-2026-4190", "sightings": [{"uuid": "3e27fa95-b4d8-4f90-aa82-cfd61b733415", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41907", "type": "seen", "source": "https://gist.github.com/alon710/cc4d9b85509a9bc85167e4592e568bc8", "content": "", "creation_timestamp": "2026-05-05T06:40:28.000000Z"}, {"uuid": "27245f3b-dec5-44b1-b021-5f9bd1150661", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41904", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlbwrjfhau2r", "content": "\ud83d\udfe0 CVE-2026-41904 - High (7.6)\n\nFreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to versi...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41904/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-07T19:21:18.405503Z"}, {"uuid": "4fec82db-0f99-456e-aa82-eddde3fa880b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41905", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlbwrqtmyh2q", "content": "\ud83d\udfe0 CVE-2026-41905 - High (7.7)\n\nFreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to versi...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41905/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-07T19:21:22.050899Z"}, {"uuid": "7e5212d5-ed35-45d5-b41a-01fd099f347a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41902", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlbywo2erm2c", "content": "\ud83d\udd34 CVE-2026-41902 - Critical (9.1)\n\nFreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to versi...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41902/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-07T19:59:54.944969Z"}, {"uuid": "d2b4caeb-21b5-46b5-af02-b7e49d0d8d14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-41907", "type": "published-proof-of-concept", "source": "https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq", "content": "", "creation_timestamp": "2026-04-19T15:20:09.000000Z"}, {"uuid": "6c76d0a0-8a26-4fe7-b789-1f33efc39f29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41902", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlccuagnxj2e", "content": "CVE-2026-41902 - FreeScout's user invitation hash never expires: permanent unauthenticated account takeover if invite link leaks\nCVE ID : CVE-2026-41902\n \n Published : May 7, 2026, 7:16 p.m. | 3\u00a0hours, 4\u00a0minutes ago\n \n Description : FreeScout is a free help desk and shared inb...", "creation_timestamp": "2026-05-07T22:57:29.813846Z"}, {"uuid": "4004f74e-3616-49fc-8e42-5d6272d542cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41900", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlcvsutqmu2h", "content": "CVE-2026-41900 - OpenLearnX has Critical Remote Code Execution Through Python Sandbox Escape via Code Execution Environment\nCVE ID : CVE-2026-41900\n \n Published : May 8, 2026, 3:25 a.m. | 1\u00a0hour ago\n \n Description : OpenLearnX is an open-source, decentralized learning and asse...", "creation_timestamp": "2026-05-08T04:36:45.332345Z"}, {"uuid": "2a0a7126-d0a9-4783-abd9-7f681c22b5be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41900", "type": "seen", "source": "Telegram/N1Jo8qZWaWReiL_t-N5l6uzcgIVKcO6O8PdoiYgN9aP0HPY", "content": "", "creation_timestamp": "2026-05-07T03:00:06.000000Z"}, {"uuid": "74d001de-d896-42fe-89d8-b6e7e992ec7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41900", "type": "seen", "source": "Telegram/msQTanSLkX-OxkjOrr400lcWfFt4y0eZWCcTmXgDmxd3Ek4", "content": "", "creation_timestamp": "2026-05-06T23:00:13.000000Z"}, {"uuid": "1c6db492-6e8d-4bc1-a2c6-5061f63ac8b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41900", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlhqqjukxo2q", "content": "\ud83d\udfe0 CVE-2026-41900 - High (8.8)\n\nOpenLearnX is an open-source, decentralized learning and assessment platform. Prior to version 2....\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41900/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-10T02:49:17.320908Z"}, {"uuid": "234bf336-917b-4e84-be88-cfca086ad9ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41901", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlp5xdbnw42p", "content": "CVE-2026-41901 - Thymeleaf: Improper recognition of unauthorized syntax patterns in sandboxed Thymeleaf expressions\nCVE ID : CVE-2026-41901\n \n Published : May 12, 2026, 11:16 p.m. | 1\u00a0hour, 9\u00a0minutes ago\n \n Description : Thymeleaf is a server-side Java template engine for web ...", "creation_timestamp": "2026-05-13T01:34:21.220835Z"}, {"uuid": "7699ec3d-f5bf-48a7-aa8d-d1b4c7a527a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41901", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlpddjlakx2w", "content": "\ud83d\udd34 CVE-2026-41901 - Critical (9)\n\nThymeleaf is a server-side Java template engine for web and standalone environments. Prior to 3.1...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-41901/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-13T03:10:40.050994Z"}, {"uuid": "d1d155b4-58ef-4d3c-826f-aa8d64290500", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41907", "type": "seen", "source": "https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mmvxybrjfa2y", "content": "\n\ud83d\udea8 New MEDIUM CVE detected in AWS Lambda \ud83d\udea8\nCVE-2026-41907 impacts uuid in 3 Lambda base images.\n\nDetails: https://github.com/aws/aws-lambda-base-images/issues/541\nMore: https://lambdawatchdog.com/\n\n#AWS #Lambda #CVE #CloudSecurity #Serverless", "creation_timestamp": "2026-05-28T12:01:20.306283Z"}, {"uuid": "effcdc92-e8e3-47c9-afd6-c99023bbc7df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-41907", "type": "published-proof-of-concept", "source": "https://api.github.com/repos/uuidjs/uuid/security-advisories/GHSA-w5hq-g745-h8pq", "content": "", "creation_timestamp": "2026-04-19T15:20:09.000000Z"}, {"uuid": "8b9e24ff-a876-4073-94ac-168424abc44a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41900", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mmz37lricx22", "content": "\ud83d\udccc CVE-2026-41900 - OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to version 2.0.3, a remote code execution (RCE) vulnerability was ... https://www.cyberhub.blog/cves/CVE-2026-41900", "creation_timestamp": "2026-05-29T17:37:06.600647Z"}]}