{"vulnerability": "cve-2026-4636", "sightings": [{"uuid": "7f90adea-063c-4671-b9c5-785f3fb96f74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4636", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mijgqyyqyh2q", "content": "", "creation_timestamp": "2026-04-02T14:40:19.589261Z"}, {"uuid": "b828ca5b-c3ec-409a-83e8-b6e26e8c51e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4636", "type": "published-proof-of-concept", "source": "Telegram/613aY007LGHyW6_rIrja4BsrlzuBvUbPzSCrjge10VR5WoE", "content": "", "creation_timestamp": "2026-04-02T15:21:07.000000Z"}, {"uuid": "d262cba6-9505-4857-a79b-a492b1758a88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4636", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3miptsu4t2a27", "content": "", "creation_timestamp": "2026-04-05T03:49:59.228357Z"}, {"uuid": "17b3c3c9-02a1-4e6b-8d9a-21d2167c15ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46366", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlwcjmu7ci2n", "content": "CVE-2026-46366 - phpMyFAQ - Unauthenticated Information Disclosure via getIdFromSolutionId Permission Bypass\nCVE ID : CVE-2026-46366\n \n Published : May 15, 2026, 7:17 p.m. | 50\u00a0minutes ago\n \n Description : phpMyFAQ before 4.1.2 contains an information disclosure vulnerability ...", "creation_timestamp": "2026-05-15T21:44:48.576890Z"}, {"uuid": "fdb0f850-2c60-4c45-8487-3d7470611d01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4636", "type": "seen", "source": "Telegram/1FZmwvj65iY9NiI7VGWCBujhZKTilfhPPvdqi0EqVANQnis", "content": "", "creation_timestamp": "2026-04-02T15:20:57.000000Z"}, {"uuid": "372d37e0-657f-440a-9875-c01fb5c52d68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46364", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlwk4jqvtu23", "content": "\ud83d\udea8 CRITICAL SQL injection in phpMyFAQ <4.1.2: Unauthenticated attackers can extract credentials via /api/captcha. Restrict access & apply WAF rules now. Patch status unconfirmed. https://radar.offseq.com/threat/cve-2026-46364-improper-neutralization-of-special--9adafcbf #OffSeq #SQLInjection #phpM...", "creation_timestamp": "2026-05-16T00:00:39.862782Z"}, {"uuid": "361711bb-e0ec-4ec2-a250-dbce7a4a50d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46367", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlxvqmi4nx2l", "content": "\ud83d\udfe0 CVE-2026-46367 - High (7.6)\n\nphpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in Utils::parseUrl() t...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-46367/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-16T13:05:11.448024Z"}, {"uuid": "1646f6d4-d444-40d0-a784-a6510c664b92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46366", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mly4fdom2z26", "content": "\ud83d\udfe0 CVE-2026-46366 - High (7.5)\n\nphpMyFAQ before 4.1.2 contains an information disclosure vulnerability in the getIdFromSolutionId...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-46366/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-16T15:00:22.676478Z"}, {"uuid": "f53d6c69-18bf-4e04-8884-139a9c426620", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46366", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3mly4u2ndop2l", "content": "\ud83d\udfe0 CVE-2026-46366 - High (7.5)\n\nphpMyFAQ before 4.1.2 contains an information disclosure vulnerability in the getIdFromSolutionId...\n\nhttps://www.themasherwire.com/vulnerability/CVE-2026-46366/\n\n#infosec #potatosecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-16T15:08:35.647374Z"}, {"uuid": "0d46809e-b407-4108-baec-4d9cb88c959c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46368", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmreiuw4jh2n", "content": "\ud83d\udfe0 CVE-2026-46368 - High (8.8)\n\nluci-app-https-dns-proxy through 2025.12.29-5 \u2014 an optional LuCI web UI add-on for the https-dn...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-46368/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-26T16:02:04.997330Z"}]}