{"vulnerability": "cve-2026-42882", "sightings": [{"uuid": "4ec2995b-11f8-43e6-a547-3edd6bc50353", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42882", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlmakxtgsm2p", "content": "CVE-2026-42882 - oxyno-zeta/s3-proxy: Security Issues in Resource Path Matching\nCVE ID : CVE-2026-42882\n \n Published : May 11, 2026, 8:25 p.m. | 5\u00a0minutes ago\n \n Description : oxyno-zeta/s3-proxy is an aws s3 proxy written in go. Prior to 5.0.0, s3-proxy contains an authentica...", "creation_timestamp": "2026-05-11T21:43:08.689637Z"}, {"uuid": "904f553b-3f25-42b5-bcad-519ccd936793", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42882", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mln4edlx4r2m", "content": "CRITICAL: oxyno-zeta s3-proxy (<5.0.0) path traversal bug lets attackers bypass auth and access S3 objects. Upgrade to 5.0.0+ immediately! https://radar.offseq.com/threat/cve-2026-42882-cwe-22-improper-limitation-of-a-pat-5be1c7df #OffSeq #CVE202642882 #CloudSecurity", "creation_timestamp": "2026-05-12T06:00:34.339848Z"}, {"uuid": "060f81cb-4464-4127-8f3c-e9b3424fcd4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42882", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116560077036026924", "content": "\ud83d\udea8 CVE-2026-42882 (CRITICAL): oxyno-zeta s3-proxy <5.0.0 has a path traversal bug, letting unauthenticated attackers bypass auth to access or modify protected S3 objects. Patch to v5.0.0 now! https://radar.offseq.com/threat/cve-2026-42882-cwe-22-improper-limitation-of-a-pat-5be1c7df #OffSeq #CVE202642882 #CloudSecurity #Vuln", "creation_timestamp": "2026-05-12T06:00:37.052096Z"}, {"uuid": "203d8192-92bf-49db-9cec-7b6da8aac9cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42882", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mln4p754fi2t", "content": "\ud83d\udd34 CVE-2026-42882 - Critical (9.4)\n\noxyno-zeta/s3-proxy is an aws s3 proxy written in go. Prior to 5.0.0, s3-proxy contains an authen...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42882/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-12T06:06:36.618355Z"}]}