{"vulnerability": "cve-2026-44257", "sightings": [{"uuid": "cd3c592c-7d01-411d-89bb-d58648d2de95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44257", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlphsg4x3b23", "content": "\ud83d\udd34 CRITICAL vuln in efwGrp efw4.X (<4.08.010): Remote attackers can upload webshells & run commands as Tomcat due to path traversal. Upgrade to 4.08.010 now! https://radar.offseq.com/threat/cve-2026-44257-cwe-77-improper-neutralization-of-s-a113f36f #OffSeq #infosec #patchnow", "creation_timestamp": "2026-05-13T04:30:34.519346Z"}, {"uuid": "b08a98a9-1712-44bf-b26e-918b680c5ab6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44257", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116565385652211978", "content": "\ud83d\udea8 CRITICAL: CVE-2026-44257 in efwGrp efw4.X (<4.08.010) enables remote, unauthenticated command execution via crafted zip uploads and path traversal. Patch to 4.08.010 ASAP. https://radar.offseq.com/threat/cve-2026-44257-cwe-77-improper-neutralization-of-s-a113f36f #OffSeq #vuln #infosec #websecurity", "creation_timestamp": "2026-05-13T04:30:40.702982Z"}]}