{"vulnerability": "cve-2026-44442", "sightings": [{"uuid": "ce318b53-0f82-4cda-8cd7-5e9aba7b57a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44442", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116569986785870789", "content": "\ud83d\udea8 CRITICAL vuln: ERPNext <16.9.1 (CVE-2026-44442) lets users with limited rights modify data due to missing authorization. Update ASAP to 16.9.1+ to fix. No known exploits yet. Details: https://radar.offseq.com/threat/cve-2026-44442-cwe-862-missing-authorization-in-fr-ebe7ec52 #OffSeq #ERPNext #Vuln #AppSec", "creation_timestamp": "2026-05-14T00:00:41.803147Z"}, {"uuid": "0b05bf4b-3eb9-462e-9a77-6856e50a891c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44442", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlrj6rfwru2j", "content": "CRITICAL: ERPNext <16.9.1 has a missing auth vuln (CVE-2026-44442) \u2014 users could escalate privileges & modify data. Upgrade to 16.9.1+ now. No exploits reported yet. https://radar.offseq.com/threat/cve-2026-44442-cwe-862-missing-authorization-in-fr-ebe7ec52 #OffSeq #ERPNext #Security", "creation_timestamp": "2026-05-14T00:00:42.057045Z"}, {"uuid": "98a0d14c-2917-4835-b1a5-d66b09dc42c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44442", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mltpxdc6os2s", "content": "\ud83d\udccc CVE-2026-44442 - ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 16.9.1, certain endpoints failed to enforce proper authorization checks,... https://www.cyberhub.blog/cves/CVE-2026-44442", "creation_timestamp": "2026-05-14T21:07:08.116781Z"}]}