{"vulnerability": "cve-2026-45714", "sightings": [{"uuid": "58918e78-26e3-4a18-8e59-bb759bce7255", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45714", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlrj5qnbnd2e", "content": "CVE-2026-45714 - CubeCart: Server-Side Template Injection (SSTI) in Smarty Templates leading to RCE\nCVE ID : CVE-2026-45714\n \n Published : May 13, 2026, 9:16 p.m. | 14\u00a0minutes ago\n \n Description : CubeCart is an ecommerce software solution. Prior to 6.7.0, an Authenticated Ser...", "creation_timestamp": "2026-05-14T00:00:08.032168Z"}, {"uuid": "8b907c73-871b-46ce-90a0-87a8e14a1496", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-45714", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlro7dqd722v", "content": "CubeCart < 6.7.0 hit by CRITICAL SSTI flaw \u2014 admins can run OS commands via Smarty templates (RCE risk). Upgrade to 6.7.0+ now! https://radar.offseq.com/threat/cve-2026-45714-cwe-94-improper-control-of-generati-b4219bcf #OffSeq #CubeCart #RCE", "creation_timestamp": "2026-05-14T01:30:30.609096Z"}, {"uuid": "428d03fe-6975-41f7-b771-0f0c64127cb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-45714", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116570339883701677", "content": "\ud83d\udea8 CRITICAL: CVE-2026-45714 in CubeCart < 6.7.0 enables authenticated admins to execute OS commands via SSTI (Smarty engine) \u2014 full RCE risk. Patch to 6.7.0+ ASAP! https://radar.offseq.com/threat/cve-2026-45714-cwe-94-improper-control-of-generati-b4219bcf #OffSeq #CubeCart #SSTI #RCE #Vuln", "creation_timestamp": "2026-05-14T01:32:49.656352Z"}]}