{"vulnerability": "cve-2026-4257", "sightings": [{"uuid": "e1ac08dc-6d3c-4560-9781-41cb6d91ffe7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4257", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3micv7wihvs2t", "content": "", "creation_timestamp": "2026-03-31T00:10:34.596548Z"}, {"uuid": "6192b9dd-5abe-42a6-a80c-228eb13e18d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4257", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-4257.yaml", "content": "", "creation_timestamp": "2026-03-31T09:59:16.000000Z"}, {"uuid": "e35f2bbc-0229-4f1d-b1a5-60224d7b6a3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-4257", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3micuobxhbf25", "content": "", "creation_timestamp": "2026-03-31T00:00:42.833872Z"}, {"uuid": "ab5fde49-1936-4dc6-9847-9de3b8f847fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4257", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3micp3b722d27", "content": "", "creation_timestamp": "2026-03-30T22:20:36.340330Z"}, {"uuid": "46d7edca-56c9-4c05-9df0-44c3f7a9614b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4257", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/80859", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-4257\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a 0xgh057r3c0n\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-18 19:44:37\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nWordPress - Contact Form by Supsystic - Unauthenticated SSTI To Remote Code Execution\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-18T20:00:04.000000Z"}, {"uuid": "1881f606-cc61-4210-82a1-0f438fd4e638", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4257", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mihlnnbvfv2p", "content": "", "creation_timestamp": "2026-04-01T21:02:42.196807Z"}, {"uuid": "ab61d992-4419-47e3-ad66-8a34fad7ed5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4257", "type": "seen", "source": "https://t.me/GithubRedTeam/80460", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a cve-2026-4257\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a bootstrapbool\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-15 22:57:33\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u65e0\u63cf\u8ff0\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-15T23:00:04.000000Z"}, {"uuid": "e83d3641-34ab-4c2a-823b-8938f4779a15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42574", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlh5df7z5j2z", "content": "\ud83d\udfe0 CVE-2026-42574 - High (7.5)\n\napko allows users to build and publish OCI container images built from apk packages. From version...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42574/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-09T21:01:55.172646Z"}, {"uuid": "da777884-f320-4e1f-a924-a2c1f40d214e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4257", "type": "seen", "source": "Telegram/aYCyNSm85uFE8xgl3G3j-Sn1NnPkfaU1HaAlO581ff2GeJQ", "content": "", "creation_timestamp": "2026-03-30T23:20:36.000000Z"}, {"uuid": "077abb71-135a-4e72-8a50-2842e1bfe215", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4257", "type": "published-proof-of-concept", "source": "https://t.me/realcodeb0ss/399", "content": "https://nvd.nist.gov/vuln/detail/CVE-2026-4257\n\n\nFofa : body=\"/wp-content/plugins/contact-form-by-supsystic/\" - body=\"contact-form-by-supsystic/css/frontend.css\" \n body=\"/wp-content/plugins/contact-form-by-supsystic/\" &amp;&amp; body=\"Contact Form by Supsystic\"\n  body=\"Contact Form by Supsystic\" - title=\"Contact Form by Supsystic\"\n\nCensys : services.http.response.body: \"/wp-content/plugins/contact-form-by-supsystic/\"\n\nEnjoy;", "creation_timestamp": "2026-04-04T04:19:35.000000Z"}, {"uuid": "25db7823-d6f9-4388-913e-2ac678fc5dc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4257", "type": "published-proof-of-concept", "source": "Telegram/J1TSaArQ0ScFY239N-pEajUhnEKmxSQcewj6uEimw6KDWT0", "content": "", "creation_timestamp": "2026-04-18T23:00:13.000000Z"}, {"uuid": "ef252ded-5891-44fc-b29a-ab77ef6e7f3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4257", "type": "published-proof-of-concept", "source": "Telegram/fUN7x3zhWJI41Y9qvAix9-DSu_CPZFxW-u6Jn34L6Wbqg7U", "content": "", "creation_timestamp": "2026-04-19T03:00:05.000000Z"}, {"uuid": "60309095-0f13-47e6-8e4c-512011d0e6fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42575", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlh6woiu5p2p", "content": "CVE-2026-42575 - apko doesn't verify downloaded apk packages against APKINDEX checksum (package substitution possible)\nCVE ID : CVE-2026-42575\n \n Published : May 9, 2026, 8:16 p.m. | 33\u00a0minutes ago\n \n Description : apko allows users to build and publish OCI container images bu...", "creation_timestamp": "2026-05-09T21:30:35.487980Z"}, {"uuid": "0022cd84-f975-4154-9c8d-afd46d42198e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42574", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlh7bzrtb22k", "content": "CVE-2026-42574 - apko dirFS has a symlink-following path traversal that allows multiple entry points to escape the build root\nCVE ID : CVE-2026-42574\n \n Published : May 9, 2026, 8:16 p.m. | 33\u00a0minutes ago\n \n Description : apko allows users to build and publish OCI container im...", "creation_timestamp": "2026-05-09T21:36:56.422813Z"}, {"uuid": "795dc5b6-c0b5-43da-af1f-9779d122f02a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42576", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlh7qghol32h", "content": "CVE-2026-42576 - apko `DiscoverKeys` has a panic on non-rsa jwks key that causes crash during key discovery\nCVE ID : CVE-2026-42576\n \n Published : May 9, 2026, 8:16 p.m. | 33\u00a0minutes ago\n \n Description : apko allows users to build and publish OCI container images built from ap...", "creation_timestamp": "2026-05-09T21:44:59.445954Z"}, {"uuid": "0dbefafe-b971-4c57-8a8c-b47e389f8e13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42571", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlh7zev7at2t", "content": "CVE-2026-42571 - Privilege Escalation Attack affecting Pelican Web UI\nCVE ID : CVE-2026-42571\n \n Published : May 9, 2026, 8:16 p.m. | 33\u00a0minutes ago\n \n Description : Pelican is a platform for creating data federations. From versions 7.21.0 to before 7.21.5, 7.22.0 to before 7....", "creation_timestamp": "2026-05-09T21:49:59.875622Z"}, {"uuid": "224d7489-aee1-496c-b925-02e7705571c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42571", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlhhd4dhnd2p", "content": "\u26a0\ufe0f CRITICAL: PelicanPlatform pelican OAuth bug allows privilege escalation to admin in several versions. Update to 7.21.5, 7.22.3, 7.23.3, or 7.24.2 ASAP. More info: https://radar.offseq.com/threat/cve-2026-42571-cwe-863-incorrect-authorization-in--97117d66 #OffSeq #Security #Vulnerability", "creation_timestamp": "2026-05-10T00:00:43.148815Z"}, {"uuid": "ae0593be-ac37-452f-acb0-a5b84952d71a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42571", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116547337599753045", "content": "\ud83d\udea8 CRITICAL: CVE-2026-42571 in PelicanPlatform pelican (7.21.0 \u2013 7.21.4, 7.22.0 \u2013 7.22.2, 7.23.0 \u2013 7.23.2, 7.24.0 \u2013 7.24.1) lets OAuth users escalate to admin. Patch to 7.21.5/7.22.3/7.23.3/7.24.2. Details: https://radar.offseq.com/threat/cve-2026-42571-cwe-863-incorrect-authorization-in--97117d66 #OffSeq #Vuln #PelicanPlatform", "creation_timestamp": "2026-05-10T00:01:03.105060Z"}, {"uuid": "fdedbfcf-f32e-4cf9-b213-224281bcd3c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42575", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116548044393536365", "content": "\u26a0\ufe0f HIGH severity: chainguard-dev apko (&lt;1.2.7) doesn't verify downloaded .apk checksums vs signed index. Attackers can inject rogue packages into OCI images if download sources are compromised. Patch: upgrade to 1.2.7. CVE-2026-42575 https://radar.offseq.com/threat/cve-2026-42575-cwe-345-insufficient-verification-o-918c9a44 #OffSeq #ContainerSecurity", "creation_timestamp": "2026-05-10T03:00:27.075159Z"}, {"uuid": "97b96810-a9c8-417b-99d1-4df9378e18cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42575", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlhreji2nc2l", "content": "HIGH severity: chainguard-dev apko (&lt;1.2.7) skips verifying .apk checksums, risking rogue package injection if downloads are tampered. Upgrade to 1.2.7 now! https://radar.offseq.com/threat/cve-2026-42575-cwe-345-insufficient-verification-o-918c9a44 #OffSeq #ContainerSecurity", "creation_timestamp": "2026-05-10T03:00:31.650581Z"}, {"uuid": "77cfb4ef-f6db-4282-80c5-e1eebdcbba85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42574", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlhwfje37k2y", "content": "\u26a0\ufe0f HIGH severity: Path traversal in chainguard-dev apko (0.14.8 \u2013 1.2.4) lets attackers write outside build root with crafted .apk files. Upgrade to 1.2.5+ and avoid untrusted .apk packages. Details: https://radar.offseq.com/threat/cve-2026-42574-cwe-22-improper-limitation-of-a-pat-9650dedf #OffS...", "creation_timestamp": "2026-05-10T04:30:29.769038Z"}, {"uuid": "49cdf2c7-d70c-401d-aa3d-213d432c587d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42574", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116548398424487044", "content": "\ud83d\udea8 HIGH severity in chainguard-dev apko (v0.14.8 \u2013 1.2.4): Path traversal via crafted .apk symlinks (CVE-2026-42574) risks file writes outside the build root. Patch in v1.2.5. Upgrade ASAP &amp; avoid untrusted .apk! https://radar.offseq.com/threat/cve-2026-42574-cwe-22-improper-limitation-of-a-pat-9650dedf #OffSeq #cybersecurity #linux #containers", "creation_timestamp": "2026-05-10T04:30:40.356356Z"}, {"uuid": "a2fc4ba7-baa8-4a96-a776-6003f61e13c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42575", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlh5dmifud2f", "content": "\ud83d\udfe0 CVE-2026-42575 - High (7.5)\n\napko allows users to build and publish OCI container images built from apk packages. Prior to ver...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42575/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-09T21:02:02.659621Z"}, {"uuid": "5b3af179-5019-4fda-8cc6-f62d88a65706", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42579", "type": "published-proof-of-concept", "source": "https://github.com/netty/netty/security/advisories/GHSA-cm33-6792-r9fm", "content": "", "creation_timestamp": "2026-05-05T18:10:10.000000Z"}, {"uuid": "18ea256a-3bd2-4500-943b-f2586a41395e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4257", "type": "seen", "source": "https://t.me/GithubRedTeam/83760", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-4257\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a shootcannon\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-11 05:26:48\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nSSTI contact form to rce\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-11T06:00:04.000000Z"}, {"uuid": "d50688db-8ebb-4dd7-b148-20ae28132fe9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4257", "type": "seen", "source": "Telegram/mQRcWYV3RpmllzBMUDvWcp1GmVWqzNCK3wJkik9yPjInnYI", "content": "", "creation_timestamp": "2026-05-11T07:00:14.000000Z"}, {"uuid": "4194b4ef-f080-462b-b797-04b83a0f270a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4257", "type": "seen", "source": "Telegram/9XqhTISUbDUPo_c26c1BEinqDeNjvDc1gYqinuT1sIOuN_4", "content": "", "creation_timestamp": "2026-05-11T09:00:05.000000Z"}, {"uuid": "8b39eaf8-af64-45a9-9d2a-aaadc3e7b637", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42578", "type": "published-proof-of-concept", "source": "https://github.com/netty/netty/security/advisories/GHSA-45q3-82m4-75jr", "content": "", "creation_timestamp": "2026-05-05T18:05:31.000000Z"}, {"uuid": "c2823eec-9b45-44b4-a37b-aaac3d07658a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4257", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/wp_plugin_supsystic_contact_form_rce.rb", "content": "{\"aliases\": [], \"arch\": \"cmd\", \"author\": [\"Azril Fathoni\", \"bootstrapbool \"], \"autofilter_ports\": [80, 8080, 443, 8000, 8888, 8880, 8008, 3000, 8443], \"autofilter_services\": [\"http\", \"https\"], \"check\": true, \"default_credential\": false, \"description\": \"This module performs SSTI achieving RCE in webpages containing the\\n          Contact Form Wordpress plugin by Supsystic in versions 1.7.36 and\\n          before.\", \"disclosure_date\": \"2026-03-30\", \"fullname\": \"exploit/multi/http/wp_plugin_supsystic_contact_form_rce\", \"is_install_path\": true, \"mod_time\": \"2026-05-24 20:43:09 +0000\", \"name\": \"Supsystic Contact Form Wordpress Plugin SSTI RCE\", \"needs_cleanup\": null, \"notes\": {\"Reliability\": [\"repeatable-session\"], \"SideEffects\": [\"ioc-in-logs\"], \"Stability\": [\"crash-safe\"]}, \"path\": \"/modules/exploits/multi/http/wp_plugin_supsystic_contact_form_rce.rb\", \"platform\": \"Linux,Unix,Windows\", \"post_auth\": false, \"rank\": 600, \"ref_name\": \"multi/http/wp_plugin_supsystic_contact_form_rce\", \"references\": [\"CVE-2026-4257\", \"URL-https://github.com/bootstrapbool/cve-2026-4257\"], \"rport\": 80, \"session_types\": false, \"targets\": [\"Unix/Linux Command Shell\", \"Windows Command Shell\"], \"type\": \"exploit\"}", "creation_timestamp": "2026-05-26T00:19:39.000000Z"}]}