{"vulnerability": "cve-2026-4490", "sightings": [{"uuid": "947851da-fe7d-446b-b7d4-7c0838a926a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4490", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mhj7a4z6sj2u", "content": "", "creation_timestamp": "2026-03-20T19:00:25.538885Z"}, {"uuid": "cd9f0097-0af8-4975-85a3-36200288dc9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44905", "type": "seen", "source": "https://gist.github.com/tw89Coder/cd011dc1842625f821c171e41e812fbc", "content": "# Security Research & Advisories\n\nA curated list of my public security research, vulnerability disclosures, and assigned advisories. \n\n| Target / Component | Vulnerability Type | Identifier(s) | Published(GMT +8) |\n| :--- | :--- | :--- | :--- |\n| **Vanetza** | Remote Denial of Service via Uncaught Exception in ECC Verification | `CVE-2026-37554``GHSA-44qj-vh8c-5354` | May 06, 2026 |\n| **Vanetza** | Remote Denial of Service via Uncaught Exception in ASN.1/OER Parsing | `CVE-2026-43988``GHSA-j6cj-rp87-mfrx` | May 06, 2026 |\n| **Vanetza** | Remote Denial of Service via Uncaught OER Encoding Exception in Cryptographic Verification | `CVE-2026-44905``GHSA-q9fq-3rx9-7xcv` | May 09, 2026 |\n| **mouse07410/asn1c** | 1-byte Heap Out-of-Bounds Read in `INTEGER_decode_oer` via Malformed OER Payload | `CVE-Request``GHSA-wxx8-76rw-96j2` | May 11, 2026 |\n\n> **Notes on Availability:**\n> * **CVE Status:** Some assigned CVEs might currently be in the **RESERVED** state pending full publication by NVD/MITRE.\n> * **GHSA Synchronization:** Certain GHSAs have not yet synchronized to the global GitHub Advisory Database. These can be viewed directly under the \"Security\" tab within the respective project's repository.", "creation_timestamp": "2026-05-11T20:29:17.000000Z"}, {"uuid": "aa29ddca-858a-4094-a730-da24423263ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44905", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mms3violnv2e", "content": "\ud83d\udfe0 CVE-2026-44905 - High (7.5)\n\nVanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-44905/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-26T23:00:43.634418Z"}, {"uuid": "bf90a222-bee6-4664-a17f-a0a6b1fda462", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44903", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmsd73zcda2o", "content": "CVE-2026-44903 - Prometheus: Stored XSS via crafted histogram bucket label values in the heatmap display of the old Prometheus web UI\nCVE ID : CVE-2026-44903\n \n Published : May 26, 2026, 10:16 p.m. | 2\u00a0hours, 15\u00a0minutes ago\n \n Description : Prometheus is an open-source monitor...", "creation_timestamp": "2026-05-27T01:11:21.894006Z"}, {"uuid": "cc25e78c-98f1-4c14-8ccc-7b88c1ecbc89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44905", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmsddafoew2i", "content": "CVE-2026-44905 - Vanetza: Remote Denial of Service via Uncaught OER Encoding Exception in Cryptographic Verification\nCVE ID : CVE-2026-44905\n \n Published : May 26, 2026, 10:16 p.m. | 2\u00a0hours, 15\u00a0minutes ago\n \n Description : Vanetza is an open-source implementation of the ETSI ...", "creation_timestamp": "2026-05-27T01:13:40.392209Z"}, {"uuid": "29b8d3d1-b86e-4c1c-97bd-4d1cc75e36cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44900", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmsmp5p25f2k", "content": "\ud83d\udfe0 CVE-2026-44900 - High (8.1)\n\nepa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. Prior to ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-44900/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-27T04:01:25.342774Z"}, {"uuid": "4a26065c-386b-4d5c-999d-9986c8f5a457", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-44902", "type": "published-proof-of-concept", "source": "https://github.com/open-telemetry/opentelemetry-js/security/advisories/GHSA-q7rr-3cgh-j5r3", "content": "", "creation_timestamp": "2026-05-06T15:40:57.000000Z"}, {"uuid": "906ca8c1-faab-485e-921d-1a283f942fc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44902", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmtye5ufzl2t", "content": "\ud83d\udfe0 CVE-2026-44902 - High (7.5)\n\nopentelemetry-js is the OpenTelemetry JavaScript Client. Prior to 0.217.0, a single malformed HTT...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-44902/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-27T17:02:41.704069Z"}]}