{"vulnerability": "cve-2026-42160", "sightings": [{"uuid": "50a5ebc7-dce9-4aeb-8dab-3fe7b4178064", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42160", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116543798035791646", "content": "\ud83d\udea8 CRITICAL: sovity dataspace-portal 2.1.1 \u2013 7.3.1 has a severe auth flaw (CVE-2026-42160). Attackers can bypass backend controls via \"PENDING\" accounts. Upgrade to 7.3.2 ASAP. More: https://radar.offseq.com/threat/cve-2026-42160-cwe-602-client-side-enforcement-of--0df388ad #OffSeq #Vuln #CVE202642160 #InfoSec", "creation_timestamp": "2026-05-09T09:00:32.504276Z"}, {"uuid": "c309ab6d-e308-4b7a-b4b8-3cc846f7dc44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42160", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlfuzisord2y", "content": "CRITICAL sovity dataspace-portal vuln (2.1.1 \u2013 7.3.1): Client-side auth lets attackers bypass controls. Patch to 7.3.2 now! Details: https://radar.offseq.com/threat/cve-2026-42160-cwe-602-client-side-enforcement-of--0df388ad #OffSeq #Vulnerability #CVE202642160", "creation_timestamp": "2026-05-09T09:00:33.582904Z"}]}