{"vulnerability": "cve-2026-46728", "sightings": [{"uuid": "eda11c50-e097-490b-a416-79accccb5942", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46728", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mm3dshrdb32v", "content": "U-Boot 2026.04\u672a\u6e80\u3067\u3001FIT\u7f72\u540d\u691c\u8a3c\u30d0\u30a4\u30d1\u30b9\u306e\u53ef\u80fd\u6027\u3002\u30cf\u30c3\u30b7\u30e5\u30ce\u30fc\u30c9\u304c\u30cf\u30c3\u30b7\u30e5\u304b\u3089\u7701\u7565\u3055\u308c\u3001\u653b\u6483\u8005\u306f\u4e0d\u6b63\u306a\u30a4\u30e1\u30fc\u30b8\u306e\u5b9f\u884c\u304c\u53ef\u80fd\u306b\u306a\u308b\u3002\nCVE-2026-46728 CVSS 8.2 | HIGH", "creation_timestamp": "2026-05-17T21:50:57.544510Z"}, {"uuid": "1ac750e8-daf2-4605-bc89-2dcf8067686e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46728", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlyw77gh532i", "content": "CVE-2026-46728 - Das U-Boot FIT Signature Verification Bypass\nCVE ID : CVE-2026-46728\n \n Published : May 16, 2026, 9:26 p.m. | 59\u00a0minutes ago\n \n Description : Das U-Boot before 2026.04 allows FIT (Flat Image Tree) signature verification bypass because hashed-nodes is omitted f...", "creation_timestamp": "2026-05-16T22:44:13.788107Z"}, {"uuid": "20e896a7-44aa-46e1-865b-bad36552cd25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46728", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlyx6zjxtm2e", "content": "\ud83d\udfe0 CVE-2026-46728 - High (8.2)\n\nDas U-Boot before 2026.04 allows FIT (Flat Image Tree) signature verification bypass because hash...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-46728/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-16T23:01:29.001643Z"}, {"uuid": "433fb6be-213e-40b0-b93e-9595c8fa4e08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46728", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlz2lgkzjx2j", "content": "\ud83d\udea8 HIGH: CVE-2026-46728 in denx U-Boot <2026.04 lets local privileged users bypass FIT signature checks. Restrict privileged access & monitor vendor updates. https://radar.offseq.com/threat/cve-2026-46728-cwe-346-origin-validation-error-in--fd4fda20 #OffSeq #Uboot #FirmwareSecurity", "creation_timestamp": "2026-05-17T00:00:39.391029Z"}, {"uuid": "fdac47ce-3d59-40f5-b2ab-35ad80f42384", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46728", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116586973497847352", "content": "\ud83d\udd12 CVE-2026-46728 (HIGH, CVSS 8.2) in denx U-Boot <2026.04 lets local privileged attackers bypass FIT signature checks due to hashed-nodes omission. Restrict local access & watch for patches. https://radar.offseq.com/threat/cve-2026-46728-cwe-346-origin-validation-error-in--fd4fda20 #OffSeq #Uboot #Infosec #Firmware", "creation_timestamp": "2026-05-17T00:00:51.686324Z"}]}