{"vulnerability": "cve-2026-4225", "sightings": [{"uuid": "fe949a9a-4f53-4234-8aa5-3693179d1fdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42256", "type": "seen", "source": "https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mlipltms6q2p", "content": "\n\ud83d\udea8 New MEDIUM CVE detected in AWS Lambda \ud83d\udea8\nCVE-2026-42256 impacts net-imap in 4 Lambda base images.\n\nDetails: https://github.com/aws/aws-lambda-base-images/issues/515\nMore: https://lambdawatchdog.com/\n\n#AWS #Lambda #CVE #CloudSecurity #Serverless", "creation_timestamp": "2026-05-10T12:01:24.952457Z"}, {"uuid": "be7ba43d-4bdf-4767-908b-83168a08dad9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42255", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116469126078662586", "content": "", "creation_timestamp": "2026-04-26T04:30:28.161669Z"}, {"uuid": "a9f121cc-c8f6-444f-b7b7-f5a9eae8373a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42255", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mkepumtra62y", "content": "", "creation_timestamp": "2026-04-26T04:30:30.036471Z"}, {"uuid": "2d595ad5-17ca-400c-862d-7fa8cddd543f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42258", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlh6bqgjhp2c", "content": "CVE-2026-42258 - net-imap: Command Injection via unvalidated Symbol inputs\nCVE ID : CVE-2026-42258\n \n Published : May 9, 2026, 8:16 p.m. | 33\u00a0minutes ago\n \n Description : Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versio...", "creation_timestamp": "2026-05-09T21:18:52.650438Z"}, {"uuid": "7c3f4099-b2d2-4f68-87af-8175991e7034", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42257", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlh7iqqghk2r", "content": "CVE-2026-42257 - net-imap: Command Injection via \"raw\" arguments to multiple commands\nCVE ID : CVE-2026-42257\n \n Published : May 9, 2026, 8:16 p.m. | 33\u00a0minutes ago\n \n Description : Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prio...", "creation_timestamp": "2026-05-09T21:40:41.924215Z"}, {"uuid": "da0749d9-0e4d-456b-a595-5808d85897f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42256", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlhacdcpm52q", "content": "CVE-2026-42256 - net-imap: Denial of service via high iteration count for `SCRAM-*` authentication\nCVE ID : CVE-2026-42256\n \n Published : May 9, 2026, 8:16 p.m. | 33\u00a0minutes ago\n \n Description : Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality ...", "creation_timestamp": "2026-05-09T21:55:00.142013Z"}, {"uuid": "ba2ed53a-f287-45e2-aa49-22d2d3427df0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42257", "type": "seen", "source": "https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mliplujde42d", "content": "\n\ud83d\udea8 New MEDIUM CVE detected in AWS Lambda \ud83d\udea8\nCVE-2026-42257 impacts net-imap in 4 Lambda base images.\n\nDetails: https://github.com/aws/aws-lambda-base-images/issues/516\nMore: https://lambdawatchdog.com/\n\n#AWS #Lambda #CVE #CloudSecurity #Serverless", "creation_timestamp": "2026-05-10T12:01:25.840823Z"}, {"uuid": "2c4ef7d8-1884-444e-9997-0b783a76bc7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42258", "type": "seen", "source": "https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mliplvolm72y", "content": "\n\ud83d\udea8 New MEDIUM CVE detected in AWS Lambda \ud83d\udea8\nCVE-2026-42258 impacts net-imap in 4 Lambda base images.\n\nDetails: https://github.com/aws/aws-lambda-base-images/issues/517\nMore: https://lambdawatchdog.com/\n\n#AWS #Lambda #CVE #CloudSecurity #Serverless", "creation_timestamp": "2026-05-10T12:01:26.944814Z"}, {"uuid": "763b2aea-4bc7-4b94-8499-dad7166fdd63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42259", "type": "published-proof-of-concept", "source": "https://github.com/saltcorn/saltcorn/security/advisories/GHSA-f3g8-9xv5-77gv", "content": "", "creation_timestamp": "2026-04-16T17:51:58.000000Z"}, {"uuid": "07e38ff0-809f-425e-99c4-5b3a00726dda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42253", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mn64rdw2aa26", "content": "CVE-2026-42253: Apache ActiveMQ, Apache ActiveMQ Web: HTTP Response Header Injection via JMS Message Properties", "creation_timestamp": "2026-05-31T17:48:14.690119Z"}, {"uuid": "76183b38-26aa-49e9-aecf-8e0b1c544e07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42250", "type": "seen", "source": "https://bsky.app/profile/nixpkgssecuritychanges.gerbet.me/post/3mnk52b5bid2h", "content": "[Backport staging-26.05] bzip2: patch CVE-2026-42250\n\nhttps://github.com/NixOS/nixpkgs/pull/527237\n\n#security", "creation_timestamp": "2026-06-05T12:25:10.654994Z"}, {"uuid": "3edb8f90-9734-4c53-8432-da06d895c48d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42250", "type": "seen", "source": "https://bsky.app/profile/nixpkgssecuritychanges.gerbet.me/post/3mnk52b5bid2h", "content": "[Backport staging-26.05] bzip2: patch CVE-2026-42250\n\nhttps://github.com/NixOS/nixpkgs/pull/527237\n\n#security", "creation_timestamp": "2026-06-05T12:25:10.637409Z"}, {"uuid": "eec8dc07-ddbe-49a2-a650-33d8fd80e729", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42250", "type": "seen", "source": "https://bsky.app/profile/nixpkgssecuritychanges.gerbet.me/post/3mnk52bpjub23", "content": "[Backport staging-25.11] bzip2: patch CVE-2026-42250\n\nhttps://github.com/NixOS/nixpkgs/pull/527234\n\n#security", "creation_timestamp": "2026-06-05T12:25:11.484247Z"}, {"uuid": "4183ef0b-7387-46dd-a679-0b9fbe39261a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42250", "type": "seen", "source": "https://bsky.app/profile/nixpkgssecuritychanges.gerbet.me/post/3mnk52bpjub23", "content": "[Backport staging-25.11] bzip2: patch CVE-2026-42250\n\nhttps://github.com/NixOS/nixpkgs/pull/527234\n\n#security", "creation_timestamp": "2026-06-05T12:25:11.487975Z"}, {"uuid": "b702f3a9-033d-4ad1-82d1-87ec8a6ffe1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42250", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mnkaxh5hdb2j", "content": "\ud83d\udd17 CVE : CVE-2026-9149, CVE-2026-9150, CVE-2026-42250, CVE-2026-42250, CVE-2026-9149, CVE-2026-9150", "creation_timestamp": "2026-06-05T13:35:12.119243Z"}, {"uuid": "7e7f7445-512d-4870-a591-d8b6da9390f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42250", "type": "seen", "source": "https://cert.pl/en/posts/2026/05/CVE-2026-42250", "content": "", "creation_timestamp": "2026-05-28T05:15:00.000000Z"}, {"uuid": "6a2f9ddc-426e-43bf-a3e5-92387118bc1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42252", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mn5kvsllnm23", "content": "CVE-2026-42252: Apache Airflow: BashOperator Jinja2 injection via dag_run.conf \u2014 low-privilege user pattern", "creation_timestamp": "2026-05-31T12:28:36.890988Z"}, {"uuid": "3132bc9f-af58-41b5-951a-02b4269e2a06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42251", "type": "seen", "source": "https://cert.pl/en/posts/2026/06/CVE-2026-42251", "content": "", "creation_timestamp": "2026-06-01T05:55:00.000000Z"}, {"uuid": "6334e23e-3f83-4d58-a90c-71b8a074c5ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42250", "type": "seen", "source": "https://bsky.app/profile/nixpkgssecuritychanges.gerbet.me/post/3mndau56ozo2f", "content": "bzip2: patch CVE-2026-42250\n\nhttps://github.com/NixOS/nixpkgs/pull/526529\n\nhttps://tracker.security.nixos.org/issues/NIXPKGS-2026-1788\n\n#security", "creation_timestamp": "2026-06-02T18:44:42.019488Z"}, {"uuid": "5c1c04eb-d684-4b0f-aeab-5534e5d45839", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42252", "type": "seen", "source": "https://bsky.app/profile/cyberowi.pl/post/3mnrqjs4onl2p", "content": "\ud83d\udea8 CVE-2026-42252: B\u0142\u0105d w dokumentacji Airflow prowadzi do wykonania kodu\n\nLuka CVE-2026-42252 w Apache Airflow, z ocen\u0105 9.1 CVSS, wynika z niebezpiecznego przyk\u0142adu w oficjalnej dokumentacji. Jego\n\nhttps://cyberowi.pl/cve-2026-42252-bad-w-dokumentacji-airflow-prowadzi-do/\n\n#cyberbezpieczenstwo", "creation_timestamp": "2026-06-08T13:02:31.080216Z"}]}