{"vulnerability": "cve-2026-4496", "sightings": [{"uuid": "68e80513-c771-4e31-ba78-0efeaa66269c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4496", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mhjlgtikep2v", "content": "", "creation_timestamp": "2026-03-20T22:38:56.693149Z"}, {"uuid": "d79e3ac5-d4e1-4250-9935-dbb932000c4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44966", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mms3vppgf52q", "content": "\ud83d\udfe0 CVE-2026-44966 - High (8.3)\n\nVelocity.js is a JavaScript implementation of the Apache Velocity template engine. In 2.1.5 and e...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-44966/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-26T23:00:50.953167Z"}, {"uuid": "b3066e45-66eb-4f6d-a207-bbe8c9c8968d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44966", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmscxoassz2e", "content": "CVE-2026-44966 - Velocity.js: Prototype Pollution in #set path assignment\nCVE ID : CVE-2026-44966\n \n Published : May 26, 2026, 10:16 p.m. | 2\u00a0hours, 15\u00a0minutes ago\n \n Description : Velocity.js is a JavaScript implementation of the Apache Velocity template engine. In 2.1.5 and ...", "creation_timestamp": "2026-05-27T01:07:12.267913Z"}, {"uuid": "b6cdd4d2-8ed1-4166-a8f9-54fa8f9ec8bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-44969", "type": "published-proof-of-concept", "source": "https://github.com/dbt-labs/dbt-mcp/security/advisories/GHSA-7xgw-6qf3-7w59", "content": "", "creation_timestamp": "2026-05-13T15:01:34.000000Z"}, {"uuid": "5527b5db-81cb-4f45-85c3-e68f940d21c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-44968", "type": "published-proof-of-concept", "source": "https://github.com/dbt-labs/dbt-mcp/security/advisories/GHSA-xpww-f6pm-cfhq", "content": "", "creation_timestamp": "2026-05-13T15:01:21.000000Z"}, {"uuid": "d4e9ba4a-bef8-4088-a68a-02e7c153ac6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44962", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmyz6o75yk2w", "content": "\ud83d\udd34 CVE-2026-44962 - Critical (9.9)\n\nPlesk contains an XPath injection vulnerability in the APS Application Catalog search functionali...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-44962/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-29T17:00:48.652582Z"}, {"uuid": "1fc8451e-d866-4c71-9c5f-f0e71eb9d09e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44962", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mn7vhke6aq2q", "content": "CVE-2026-44962: A Perfect 100 Vulnerability Puts Thousands of Linux Hosting Servers at Risk +\u00a0Video\n\nEdit Introduction: When a Simple Hosting Account Can Become Root Access The cybersecurity world has once again been reminded that even trusted infrastructure software can become a gateway to\u2026", "creation_timestamp": "2026-06-01T10:42:49.730494Z"}, {"uuid": "266efced-87ab-4d90-b21f-0108cf4d7e65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44962", "type": "seen", "source": "https://bsky.app/profile/FunctionalProgramming.activitypub.awakari.com.ap.brid.gy/post/3mn7xvawyzcr2", "content": "WebPros: Critical Plesk Vulnerability Enables Arbitrary Command Execution Critical Plesk Vulnerability (CVE-2026-44962) Exposes Linux Servers to Full Takeover A severe security flaw in WebPros Ples...\n\n#cyber #Vulnerability\n\nOrigin | Interest | Match", "creation_timestamp": "2026-06-01T11:26:26.748089Z"}, {"uuid": "b66ba731-a0ff-41d5-a529-066d0cb8c593", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44962", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mn7yox25w4b2", "content": "Critical Plesk Vulnerability Let Users Execute Arbitrary Commands on the Server A newly disclosed critical vulnerability in Plesk, tracked as CVE-2026-44962, is raising serious security concerns af...\n\n#Cyber #Security #News #Vulnerability #News #cyber [\u2026] \n\n[Original post on cybersecuritynews.com]", "creation_timestamp": "2026-06-01T11:40:53.057968Z"}, {"uuid": "c0c67587-af84-46bb-8480-0e1bb753681c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-44962", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/plesk-security-advisory-av26-534", "content": "", "creation_timestamp": "2026-06-01T07:56:27.000000Z"}, {"uuid": "7c391e9d-a55e-4b2a-aca4-51650a62ca54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44962", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mnbkhiii6g2s", "content": "Top 3 CVE for last 7 days:\nCVE-2026-0257: 34 interactions\nCVE-2026-48778: 22 interactions\nCVE-2026-48095: 20 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-41089: 12 interactions\nCVE-2026-8732: 9 interactions\nCVE-2026-44962: 8 interactions\n", "creation_timestamp": "2026-06-02T02:31:16.500890Z"}, {"uuid": "9482622f-ba2d-4b47-8b07-11cbde5ff91f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44962", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mnd5lapxgx2s", "content": "Critical #Plesk vulnerability (CVE-2026-44962) allows authenticated users to execute arbitrary commands. Update to versions 18.0.76.2 or 18.0.75.1 immediately. #CyberSecurity #WebHosting Link: thedailytechfeed.com/critical-ple...", "creation_timestamp": "2026-06-02T17:46:04.599262Z"}, {"uuid": "87190446-2198-4cce-a5dd-5a7524384c56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44966", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mndsuogxzx25", "content": "\ud83d\udccc CVE-2026-44966 - Velocity.js is a JavaScript implementation of the Apache Velocity template engine. In 2.1.5 and earlier, a prototype pollution vulnerability was disco... https://www.cyberhub.blog/cves/CVE-2026-44966", "creation_timestamp": "2026-06-03T00:07:07.755186Z"}, {"uuid": "0d4403fb-db15-4d32-af8a-db1c8a96de45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-44966", "type": "published-proof-of-concept", "source": "https://github.com/advisories/GHSA-j658-c2gf-x6pq", "content": "", "creation_timestamp": "2026-05-09T00:40:16.000000Z"}, {"uuid": "23d79fc3-d06a-4035-bc53-ccc9f61cc35d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44963", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mnu77dgbhh2y", "content": "\ud83d\udd17 CVE : CVE-2026-44963", "creation_timestamp": "2026-06-09T12:30:25.443072Z"}, {"uuid": "0568894d-8813-4a44-8f13-e23f2df5b16c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44963", "type": "seen", "source": "https://infosec.exchange/users/decio/statuses/116720497573755563", "content": "\u26a0\ufe0f \ud83d\udc40 Source: Reported by Sina Kheirkhah [@SinSinology] of #watchtowr  \ud83c\udf7f \ud83d\udc47 CVE-2026-44963\u2b07\ufe0f A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.\nSeverity: CriticalCVSS v4 Score: 9.4\ud83d\udc47 https://www.veeam.com/kb4869\nhttps://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0712/\n\ud83e\ude79 \ud83d\udc47 https://www.veeam.com/kb4696\n#CyberVeille #veeam", "creation_timestamp": "2026-06-09T13:57:34.254030Z"}, {"uuid": "9f63970f-b703-4b44-a569-0826445c2c24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44963", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnuh7en4de2k", "content": "Critical Veeam Backup & Replication RCE Flaw Sends Shockwaves Through Enterprise Security: CVE-2026-44963 Raises Fresh Ransomware Alarm +\u00a0Video\n\nIntroduction: A Silent Weak Point Inside Enterprise Backups Backup systems are supposed to be the last line of defense, the digital \u201clife raft\u201d when\u2026", "creation_timestamp": "2026-06-09T14:53:37.282834Z"}, {"uuid": "77e15b5e-47c8-48e7-804e-2c6ad7ea4ce3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44963", "type": "seen", "source": "https://thehackernews.com/2026/06/veeam-backup-replication-rce-flaw-lets.html", "content": "Veeam has released security patches to address a critical flaw in its Backup & Replication software that could result in remote code execution.\n\nTracked as CVE-2026-44963, the vulnerability carries a CVSS score of 9.4 out of a maximum of 10.0.\n\n\"A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user,\" Veeam said in a Tuesday advisory.\n\nIt", "creation_timestamp": "2026-06-09T14:39:47.000000Z"}, {"uuid": "c5360498-5762-462a-9b30-2f928ad4ff6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44963", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnvfridanz2m", "content": "\ud83d\udea8 Veeam Backup & Replication (CVSS 9.4, CRITICAL): Auth\u2019d domain users can run code on Backup Server via unsafe deserialization. No patch \u2014 restrict access now & monitor! https://radar.offseq.com/threat/cve-2026-44963-cwe-502-deserialization-of-untruste-55909ebc #OffSeq #Veeam #Security", "creation_timestamp": "2026-06-10T00:00:37.437017Z"}, {"uuid": "54525585-63f3-4167-8a55-458014b9a19b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44963", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116722868843960390", "content": "\u26a0\ufe0f CRITICAL: Veeam Backup & Replication flaw (CVE-2026-44963, CVSS 9.4) allows authenticated domain users to execute code via unsafe deserialization. No patch yet \u2014 restrict access & monitor closely! https://radar.offseq.com/threat/cve-2026-44963-cwe-502-deserialization-of-untruste-55909ebc #OffSeq #Veeam #Vuln #RCE", "creation_timestamp": "2026-06-10T00:00:41.791862Z"}, {"uuid": "1815a57c-ab88-40d2-9ab6-0e8b3737a71e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44963", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mnvrqefmrh2l", "content": "\ud83d\udcf0 Celah Kritis Baru Veeam Backup & Replication Ancam Server Cadangan dengan Rencana RCE\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/06/10/celah-kritis-veeam-backup-replication-ancam-rce-server/\n\n#cve-2026-44963 #komponenPc #ransomwareAkira #rce #remoteCodeExecution #serverBacku", "creation_timestamp": "2026-06-10T03:34:44.159902Z"}, {"uuid": "50c743eb-ad5a-4f49-8e8d-2bd39efc956b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44963", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnvsd4cpjq2h", "content": "Veeam fixed CVE-2026-44963, a critical 9.4 RCE flaw in Backup and Replication that let authenticated domain users run code on the Backup Server. Update to 12.3.2.4854. #Veeam #CVE202644963 #BackupRCE", "creation_timestamp": "2026-06-10T03:45:36.238613Z"}, {"uuid": "207c1089-df8b-449b-afba-e0cc1816174e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44963", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116726622213876794", "content": "A lot of offensive activities were identified targeting Veeam Backup and Replication (CVE-2026-44963) https://vuldb.com/vuln/370081/cti", "creation_timestamp": "2026-06-10T15:55:07.428156Z"}, {"uuid": "b492cccd-b945-484e-86f1-15f34a2c501c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44963", "type": "seen", "source": "https://bsky.app/profile/securestep9.bsky.social/post/3mnxbdazbw22s", "content": "#Veeam: Veeam has released security updates to patch a critical Backup & Replication security flaw that can be exploited to gain remote code execution (#RCE) vulnerability CVE-2026-44963 on domain-joined backup servers:\n\ud83d\udc47\n\nwww.bleepingcomputer.com/news/securit...", "creation_timestamp": "2026-06-10T17:46:28.567402Z"}, {"uuid": "adb540f2-2cc3-432a-841f-ec2564738ab2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44963", "type": "seen", "source": "https://bsky.app/profile/diesec.bsky.social/post/3mo3lkkpkzh2n", "content": "Veeam CVE-2026-44963 (CVSS 9.4): any domain user gets RCE on your backup server. No admin needed.\u00a0\n\nHistorical pattern: PoC drops within 48h of Veeam disclosure.\u00a0\n\nPatch to 12.3.2.4854 now \u2014 no workaround.\u00a0\n#Veeam #Ransomware #CyberSecurity", "creation_timestamp": "2026-06-12T11:00:06.507436Z"}, {"uuid": "659b8374-d9fe-45a7-93bb-e648042d63ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44963", "type": "seen", "source": "https://bsky.app/profile/technoholic.bsky.social/post/3mobwfn6t2n27", "content": "Veeam released patches for CVE-2026-44963, a critical RCE flaw in Backup & Replication with a CVSS score of 9.4. Update now to avoid remote code execution risks. #CyberSecurity", "creation_timestamp": "2026-06-14T23:30:09.689117Z"}]}