{"vulnerability": "cve-2026-4534", "sightings": [{"uuid": "a8df8d72-28af-4983-8cad-c8f655593f2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4534", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mhmvrgvgvu2y", "content": "", "creation_timestamp": "2026-03-22T06:21:48.015251Z"}, {"uuid": "33cad88d-a0b2-4cac-8407-8d285df87845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4534", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mhmwvnxpwv2n", "content": "", "creation_timestamp": "2026-03-22T06:42:03.686563Z"}, {"uuid": "69960a6f-05b8-40f4-b74c-cc43a1c7bca4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-4534", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116271652989474640", "content": "", "creation_timestamp": "2026-03-22T07:30:27.702446Z"}, {"uuid": "265e4b75-9af2-4633-9ef3-9d3e74b27748", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-4534", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mhmzmb4z4h2u", "content": "", "creation_timestamp": "2026-03-22T07:30:29.665298Z"}, {"uuid": "fc389890-1d6c-4806-9e66-6493c0a8bb07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-45349", "type": "published-proof-of-concept", "source": "https://github.com/advisories/GHSA-gfm2-xm6c-37qc", "content": "", "creation_timestamp": "2026-05-14T20:24:35.000000Z"}, {"uuid": "2b5434d6-0c6f-4f52-a46d-65c804e5ea13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-4534", "type": "seen", "source": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-4534", "content": "", "creation_timestamp": "2026-03-22T04:16:19.000000Z"}, {"uuid": "131a7ed7-c55c-42af-8133-d7b79480c6e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45345", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlwocnrknq2e", "content": "CVE-2026-45345 - Open WebUI: Missing authorization check at the model update function - models from other users can be updated\nCVE ID : CVE-2026-45345\n \n Published : May 15, 2026, 10:16 p.m. | 1\u00a0hour, 19\u00a0minutes ago\n \n Description : Open WebUI is a self-hosted artificial intel...", "creation_timestamp": "2026-05-16T01:15:40.211723Z"}, {"uuid": "9e62b36d-818b-4a16-b4ac-81c727e589ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45347", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlwmx6fwfz2t", "content": "CVE-2026-45347 - Open WebUI: Blind server side request forgery (SSRF) via the PDF generate function\nCVE ID : CVE-2026-45347\n \n Published : May 15, 2026, 10:16 p.m. | 1\u00a0hour, 19\u00a0minutes ago\n \n Description : Open WebUI is a self-hosted artificial intelligence platform designed t...", "creation_timestamp": "2026-05-16T00:51:20.782482Z"}, {"uuid": "73dee3e2-1e68-47fc-bfa5-61a70ad7b37d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4534", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mimemrjpqo2i", "content": "", "creation_timestamp": "2026-04-03T18:40:10.262460Z"}, {"uuid": "438e7a0e-cedb-4426-bd26-4065fed9ceba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45348", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmws476nob2e", "content": "CVE-2026-45348 - pyLoad: Stored XSS in Downloads view via unsanitized link URL in packages.js template literal\nCVE ID : CVE-2026-45348\n \n Published : May 28, 2026, 6:16 p.m. | 54\u00a0minutes ago\n \n Description : pyLoad is a free and open-source download manager written in Python. ...", "creation_timestamp": "2026-05-28T19:48:49.498899Z"}, {"uuid": "d2b3a2d7-dacc-415f-96d5-e8e8b139e397", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-45348", "type": "published-proof-of-concept", "source": "https://github.com/pyload/pyload/security/advisories/GHSA-fcjq-435v-jx94", "content": "", "creation_timestamp": "2026-05-09T23:21:22.000000Z"}, {"uuid": "0bdf1c1a-7ec4-4d07-8521-e2f2a3d38358", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-45347", "type": "published-proof-of-concept", "source": "https://github.com/open-webui/open-webui/security/advisories/GHSA-f776-fp4w-266c", "content": "", "creation_timestamp": "2026-05-09T22:47:27.000000Z"}, {"uuid": "79259dc6-3af9-47d2-88d9-113d42199f18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-45346", "type": "published-proof-of-concept", "source": "https://github.com/open-webui/open-webui/security/advisories/GHSA-r29h-37fj-x2w6", "content": "", "creation_timestamp": "2026-05-09T22:20:05.000000Z"}, {"uuid": "68022be5-4ddf-49cb-be6b-765661a0cf18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-45345", "type": "published-proof-of-concept", "source": "https://github.com/open-webui/open-webui/security/advisories/GHSA-gm54-m39w-grjp", "content": "", "creation_timestamp": "2026-05-09T22:10:27.000000Z"}, {"uuid": "c2d3a920-29f4-44c8-a47f-aaaa14bf37e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45344", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmx4tgkkqy2w", "content": "\ud83d\udfe0 CVE-2026-45344 - High (8.1)\n\nLinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, the setup database con...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-45344/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-28T23:00:47.255042Z"}, {"uuid": "ba9f1ca0-1b9b-4831-b138-9652348b673c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45348", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmwpgw3uve2g", "content": "\ud83d\udfe0 CVE-2026-45348 - High (8.7)\n\npyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-45348/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-28T19:01:08.731038Z"}, {"uuid": "ab14d989-560a-4ea4-8b3f-8c12dc6192d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45343", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmx7k4dw572k", "content": "CVE-2026-45343 - LinkAce - Stored XSS via Unsanitized SSO User's Name Rendered in Admin Audit Log Allows Session Hijacking\nCVE ID : CVE-2026-45343\n \n Published : May 28, 2026, 10:17 p.m. | 53\u00a0minutes ago\n \n Description : LinkAce is a self-hosted archive to collect website link...", "creation_timestamp": "2026-05-28T23:49:15.116998Z"}, {"uuid": "9a1ed8af-cff1-407e-98db-1f09901f8023", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45344", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmxavr27ul2k", "content": "CVE-2026-45344 - LinkAce: Setup database password newline injection enables pre-auth RCE on uninitialized instances\nCVE ID : CVE-2026-45344\n \n Published : May 28, 2026, 10:17 p.m. | 53\u00a0minutes ago\n \n Description : LinkAce is a self-hosted archive to collect website links. Prio...", "creation_timestamp": "2026-05-29T00:13:39.609867Z"}]}