{"vulnerability": "cve-2026-4207", "sightings": [{"uuid": "e67f1c80-dbbd-4319-9805-2b39d18c7319", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42072", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlealona2526", "content": "\ud83d\udd34 CVE-2026-42072 - Critical (9.8)\n\nNornicdb is a distributed low-latency, Graph+Vector, Temporal MVCC with all sub-ms HNSW search, g...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42072/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-08T17:22:15.165295Z"}, {"uuid": "f139d713-37ec-4ff4-abdd-be7cb560a4c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42075", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3ml2bd3tods2l", "content": "\ud83d\udfe0 CVE-2026-42075 - High (8.1)\n\nEvolver is a GEP-powered self-evolving engine for AI agents. Prior to version 1.69.3, a path trav...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42075/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-04T18:08:43.483242Z"}, {"uuid": "80ab54ac-49fb-4ada-95bb-8eb45fb5a6af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42076", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3ml2bdddqo62n", "content": "\ud83d\udd34 CVE-2026-42076 - Critical (9.8)\n\nEvolver is a GEP-powered self-evolving engine for AI agents. Prior to version 1.69.3, a command i...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42076/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-04T18:08:51.278339Z"}, {"uuid": "f5827f53-93f8-46c0-9fa7-19f6746cfd40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42079", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3ml2bgbykt22w", "content": "\ud83d\udfe0 CVE-2026-42079 - High (8.6)\n\nPPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, P...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42079/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-04T18:10:30.932002Z"}, {"uuid": "d003427e-8588-42ea-9f8f-fc25136565d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42079", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3ml2bhdmvyd2c", "content": "\ud83d\udfe0 CVE-2026-42079 - High (8.6)\n\nPPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, P...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42079/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-04T18:11:05.881166Z"}, {"uuid": "fa4107f1-a8ce-4b0e-ac36-63cac8372bae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42072", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mleem5x72k2v", "content": "CVE-2026-42072 - Nornicdb: Improper Network Binding in NornicDB Bolt Server allows unauthorized remote access\nCVE ID : CVE-2026-42072\n \n Published : May 8, 2026, 5:16 p.m. | 1\u00a0hour, 4\u00a0minutes ago\n \n Description : Nornicdb is a distributed low-latency, Graph+Vector, Temporal MV...", "creation_timestamp": "2026-05-08T18:34:05.872931Z"}, {"uuid": "7fb8de08-be07-492a-ac85-c119f3619aa8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42072", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116544151733422821", "content": "\u26a0\ufe0f CRITICAL: orneryd NornicDB (<1.0.42-hotfix) exposes Bolt server on all LAN interfaces with default admin creds (admin:password). Full DB compromise possible! Upgrade to 1.0.42-hotfix now. CVE-2026-42072 https://radar.offseq.com/threat/cve-2026-42072-cwe-1392-use-of-default-credentials-cb1c5acf #OffSeq #CVE202642072 #infosec", "creation_timestamp": "2026-05-09T10:30:28.544883Z"}, {"uuid": "4cdb49b2-9104-4bc6-a456-b2a7a5222d04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42072", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlg22dseio2y", "content": "NornicDB (<1.0.42-hotfix) critical vuln: Bolt server exposed on LAN with default admin creds. Upgrade to 1.0.42-hotfix ASAP to prevent DB compromise! \ud83d\udea8 https://radar.offseq.com/threat/cve-2026-42072-cwe-1392-use-of-default-credentials-cb1c5acf #OffSeq #CVE202642072", "creation_timestamp": "2026-05-09T10:30:30.417316Z"}, {"uuid": "c6c70979-2e8a-4577-9858-e83576af8692", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42074", "type": "published-proof-of-concept", "source": "https://github.com/Gitlawb/openclaude/security/advisories/GHSA-m77w-p5jj-xmhg", "content": "", "creation_timestamp": "2026-05-12T15:22:53.000000Z"}, {"uuid": "6b316a40-ccfa-4fd7-a5c0-8e9a6d938f3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42073", "type": "published-proof-of-concept", "source": "https://github.com/Gitlawb/openclaude/security/advisories/GHSA-c73c-x77g-854r", "content": "", "creation_timestamp": "2026-05-12T15:22:12.000000Z"}]}