{"vulnerability": "cve-2026-4861", "sightings": [{"uuid": "6ace13eb-9987-45d5-bc86-cca502f8854c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4861", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mhxb3avri227", "content": "", "creation_timestamp": "2026-03-26T09:10:45.792930Z"}, {"uuid": "fe0af6f9-5c7f-4aab-84ed-0b7082f38d95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4861", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mhyssrmkgn2r", "content": "", "creation_timestamp": "2026-03-27T00:00:49.096599Z"}, {"uuid": "5bda4f31-974d-4e84-b75f-80c6556604a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48612", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mo2xh6tipn24", "content": "\ud83d\udfe0 CVE-2026-48612 - High (8)\n\nImproper state verification in the OAuth implementation could allow an attacker to manipulate the...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-48612/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-12T05:00:18.538046Z"}, {"uuid": "7a52740a-98bb-4653-834b-90d8105a51f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mo2xhfwjef24", "content": "\ud83d\udd34 CVE-2026-48611 - Critical (9.8)\n\nImproper authentication checks in the OAuth implementation allow account hijacking even when OAut...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-48611/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-12T05:00:25.771993Z"}, {"uuid": "3b555532-28e3-4f57-8a1b-66af8593f46c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48612", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mo2yjlei6u2g", "content": "CVE-2026-48612 - Okta OAuth Account Linking Vulnerability\nCVE ID : CVE-2026-48612\n \n Published : June 12, 2026, 4:17 a.m. | 49\u00a0minutes ago\n \n Description : Improper state verification in the OAuth implementation could allow an attacker to manipulate the authentication flow and...", "creation_timestamp": "2026-06-12T05:19:31.512339Z"}, {"uuid": "35ca5189-c5fd-459b-9810-306d1bc3f230", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mo2zi7lj7g2b", "content": "CVE-2026-48611 - Google OAuth Account Hijacking Vulnerability\nCVE ID : CVE-2026-48611\n \n Published : June 12, 2026, 4:17 a.m. | 49\u00a0minutes ago\n \n Description : Improper authentication checks in the OAuth implementation allow account hijacking even when OAuth is not configured ...", "creation_timestamp": "2026-06-12T05:36:39.457402Z"}, {"uuid": "e9cbe112-fa19-4f52-8908-3fc0dd436c53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48610", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mo3224idol25", "content": "CVE-2026-48610 - UniFi OS Improper Access Control Vulnerability\nCVE ID : CVE-2026-48610\n \n Published : June 12, 2026, 4:17 a.m. | 49\u00a0minutes ago\n \n Description : Under certain network configurations, a malicious actor with access to network could exploit an Improper Access Con...", "creation_timestamp": "2026-06-12T05:46:40.140339Z"}, {"uuid": "e36a768c-2b93-450a-8aeb-99387d0bf6b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48613", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mo3a7dmx5p2r", "content": "CVE-2026-48613 - phpBB SQL Injection via Profile Field Migration\nCVE ID : CVE-2026-48613\n \n Published : June 12, 2026, 4:17 a.m. | 3\u00a0hours, 3\u00a0minutes ago\n \n Description : SQL injection vulnerability in phpBB profile field migration due to improper handling of user-supplied pro...", "creation_timestamp": "2026-06-12T07:36:57.890732Z"}, {"uuid": "a24937df-49b4-455c-b954-fe23f30c80d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48610", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mo3bkccbxg2a", "content": "\ud83d\udfe0 CVE-2026-48610 - High (8.1)\n\nUnder certain network configurations, a malicious actor with access to network could exploit an I...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-48610/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-12T08:01:00.507832Z"}, {"uuid": "75abc62b-2fa3-4203-a23a-911486f8ec79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48610", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mo3ozhj7pn25", "content": "CVE-2026-48610 - Improper Access Control in UniFi OS. Network-based exploitation allows unauthorized device changes. CVSS 8.1. No patch available. Apply strict access controls now. #CVE #Ubiquiti #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-48610/", "creation_timestamp": "2026-06-12T12:02:06.623450Z"}, {"uuid": "eafd2b2b-58c3-452a-8809-b3c12bc6ed8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/ROllerozxa.hachyderm.io.ap.brid.gy/post/3mo4fv2jki6o2", "content": "Apparently there is a critical #phpBB vulnerability (CVE-2026-48611) that allows anyone to hijack user accounts on any forum with a vulnerable version that has mostly flown under the radar. Someone on a forum I frequent managed to log into the admin account to demonstrate it.\n\nThe fix seems to [\u2026]", "creation_timestamp": "2026-06-12T18:51:21.894384Z"}, {"uuid": "cdb45630-0dbd-4458-9ae7-68760b693950", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48616", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moh3tgoovh22", "content": "CVE-2026-48616 - Rocket.Chat Livechat File Access Control Bypass\nCVE ID : CVE-2026-48616\n \n Published : June 16, 2026, 11:08 p.m. | 24\u00a0minutes ago\n \n Description : Rocket.Chat versions &lt;8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, 7.13.9, 7.10.13 has an access control vulnerab...", "creation_timestamp": "2026-06-17T00:50:40.195195Z"}, {"uuid": "ebec946e-b71d-4943-93dd-0bf6d0b3b501", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48610", "type": "seen", "source": "https://www.acn.gov.it/portale/w/risolte-vulnerabilita-nei-prodotti-ubiquiti", "content": "", "creation_timestamp": "2026-06-18T06:25:42.000000Z"}, {"uuid": "223d8581-da70-4665-898d-bc5821fe575f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48617", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3molgqhznlu2s", "content": "CVE-2026-48617 - A flaw in Node.js Permission Model enforcement all\nCVE ID : CVE-2026-48617\n \n Published : June 18, 2026, 4:21 p.m. | 1\u00a0hour, 21\u00a0minutes ago\n \n Description : A flaw in Node.js Permission Model enforcement allows Bypass via `process.report.writeReport()` Path Mi...", "creation_timestamp": "2026-06-18T18:16:30.956717Z"}, {"uuid": "cd51a0f2-8dae-4473-bfa5-836fb23128fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48618", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3mon66r4i6w2y", "content": "Node.js fixed 13 CVEs across 22.23.0, 24.17.0 and 26.3.1. The two HIGH-rated ones stand out: a WebCrypto AES integer overflow (CVE-2026-48933) that aborts the process, and a TLS authentication bypass (CVE-2026-48618). Is your CI pinned to a patched minor yet?\n\n#nodejs", "creation_timestamp": "2026-06-19T10:48:46.767789Z"}, {"uuid": "9ef753b9-2c3d-45c6-b159-32087fe775d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48615", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3moni2fdzi32c", "content": "\ud83d\udd17 CVE : CVE-2026-21636, CVE-2026-48615, CVE-2026-48617, CVE-2026-48618, CVE-2026-48619, CVE-2026-48928, CVE-2026-48930, CVE-2026-48931, CVE-2026-48933, CVE-2026-48934, CVE-2026-48935, CVE-2026-48936, CVE-2026-48937", "creation_timestamp": "2026-06-19T13:45:17.282026Z"}, {"uuid": "bb9fe8ca-6316-4576-9367-469fcc94756a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48617", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3moni2fdzi32c", "content": "\ud83d\udd17 CVE : CVE-2026-21636, CVE-2026-48615, CVE-2026-48617, CVE-2026-48618, CVE-2026-48619, CVE-2026-48928, CVE-2026-48930, CVE-2026-48931, CVE-2026-48933, CVE-2026-48934, CVE-2026-48935, CVE-2026-48936, CVE-2026-48937", "creation_timestamp": "2026-06-19T13:45:17.431016Z"}, {"uuid": "56cfecf3-3e3d-4b0c-a1ed-47750566889c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48618", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3moni2fdzi32c", "content": "\ud83d\udd17 CVE : CVE-2026-21636, CVE-2026-48615, CVE-2026-48617, CVE-2026-48618, CVE-2026-48619, CVE-2026-48928, CVE-2026-48930, CVE-2026-48931, CVE-2026-48933, CVE-2026-48934, CVE-2026-48935, CVE-2026-48936, CVE-2026-48937", "creation_timestamp": "2026-06-19T13:45:17.569948Z"}, {"uuid": "0df6a9c0-4428-4894-a093-85774030e626", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48619", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3moni2fdzi32c", "content": "\ud83d\udd17 CVE : CVE-2026-21636, CVE-2026-48615, CVE-2026-48617, CVE-2026-48618, CVE-2026-48619, CVE-2026-48928, CVE-2026-48930, CVE-2026-48931, CVE-2026-48933, CVE-2026-48934, CVE-2026-48935, CVE-2026-48936, CVE-2026-48937", "creation_timestamp": "2026-06-19T13:45:17.713413Z"}, {"uuid": "9d369dd8-6232-4a32-9870-9a9cde15d431", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48618", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3motlougng225", "content": "Node.js\u30012026\u5e746\u6708\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30ea\u30ea\u30fc\u30b9\u306712\u4ef6\u306e\u8106\u5f31\u6027\u3092\u4fee\u6b63(CVE-2026-48933,CVE-2026-48618)\u4ed6\n\nrocket-boys.co.jp/security-mea...\n\n#\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56Lab #security #securitynews", "creation_timestamp": "2026-06-22T00:06:27.224302Z"}, {"uuid": "fe53e6dd-f46f-4cf3-ae27-c6b4500ab73a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48617", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/node-js-multiple-vulnerabilities_20260622", "content": "", "creation_timestamp": "2026-06-21T19:00:00.000000Z"}, {"uuid": "a7ba74a4-14f5-49d6-8254-7164331a4ea5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48618", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/node-js-multiple-vulnerabilities_20260622", "content": "", "creation_timestamp": "2026-06-21T19:00:00.000000Z"}, {"uuid": "7c39fe83-08d3-4bd7-8403-1c8e49d47257", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48619", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/node-js-multiple-vulnerabilities_20260622", "content": "", "creation_timestamp": "2026-06-21T19:00:00.000000Z"}, {"uuid": "db639bef-6ed0-47e6-abc8-e762f980340d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48615", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/node-js-multiple-vulnerabilities_20260622", "content": "", "creation_timestamp": "2026-06-21T19:00:00.000000Z"}, {"uuid": "a5c2684e-54e8-477d-84fc-e74b047b8be2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48615", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp5uw4vm7c2z", "content": "CVE-2026-48615 - Node.js Proxy Credentials Exposure via Tunnel Error\nCVE ID : CVE-2026-48615\n \n Published : June 26, 2026, 1:14 a.m. | 30\u00a0minutes ago\n \n Description : A flaw in Node.js proxy tunnel error handling could expose proxy credentials in `ERR_PROXY_TUNNEL` error messa...", "creation_timestamp": "2026-06-26T02:18:08.323782Z"}, {"uuid": "bd631dc6-15e4-4d73-8f4f-b88dc7939c94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48618", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp5vf2wefo2n", "content": "CVE-2026-48618 - Node.js TLS Hostname Normalization Bypass\nCVE ID : CVE-2026-48618\n \n Published : June 26, 2026, 1:14 a.m. | 30\u00a0minutes ago\n \n Description : A flaw in Node.js TLS hostname handling can cause Node.js unicode dot separator handling can lead to tls wildcard-depth ...", "creation_timestamp": "2026-06-26T02:26:29.708770Z"}, {"uuid": "33fe3328-5092-4a85-a9fd-d7a4d740927c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48619", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp5wajk2nj2b", "content": "CVE-2026-48619 - Node.js HTTP/2 Out of Memory Vulnerability\nCVE ID : CVE-2026-48619\n \n Published : June 26, 2026, 1:14 a.m. | 30\u00a0minutes ago\n \n Description : A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Ou...", "creation_timestamp": "2026-06-26T02:41:51.056388Z"}, {"uuid": "b46f759e-c672-4463-83f6-5f23e6fd706b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48618", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116814172949655181", "content": "CVE-2026-48618: Node.js HIGH severity vuln in TLS hostname handling (Unicode dot normalization flaw). Affects 22.22.3, 24.16.0, 26.3.0. No patch yet \u2014 restrict use &amp; monitor vendor advisory. https://radar.offseq.com/threat/cve-2026-48618-cwe-176-improper-handling-of-unicod-6526a729870e7650 #OffSeq #NodeJS #Vulnerability #TLS #Security", "creation_timestamp": "2026-06-26T03:00:25.919977Z"}, {"uuid": "b04668c5-495a-4827-94bf-809868d492ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48618", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mp5xbrtm6n2m", "content": "HIGH severity vuln in Node.js (CVE-2026-48618) impacts TLS hostname checks in 22.22.3, 24.16.0, 26.3.0. No patch \u2014 monitor advisories &amp; limit use in sensitive cases. https://radar.offseq.com/threat/cve-2026-48618-cwe-176-improper-handling-of-unicod-6526a729870e7650 #OffSeq #NodeJS #Security", "creation_timestamp": "2026-06-26T03:00:27.345490Z"}, {"uuid": "235d9c86-8905-424d-9833-15946cc6be11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48618", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mp664kt66l2k", "content": "Daily IT Security Digest \u2014 2026-06-26\ncompromise). PEAR ransomware claimed 9.3 TB theft from Optimum First Mortgage including SSNs and financial records. [Source: Multiple @infosec.exchange posts]\n\n## 8. Notable Vulnerabilities &amp; Policy Updates\n\n- **CVE-2026-48618** (HIGH): Node.js TLS hostname", "creation_timestamp": "2026-06-26T05:02:47.825341Z"}, {"uuid": "4ebfe0b8-1809-4038-972e-450e6bd9fe61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48616", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpcjiqi7ax2x", "content": "\ud83d\udccc CVE-2026-48616 - Rocket.Chat versions &lt;8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, 7.13.9, 7.10.13 has an access control vulnerability in Livechat files. Protected file ... https://www.cyberhub.blog/cves/CVE-2026-48616", "creation_timestamp": "2026-06-27T22:37:06.721649Z"}, {"uuid": "b2af75be-7bee-4ddc-aada-4b258ec4f3fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48611", "type": "published-proof-of-concept", "source": "https://www.aikido.dev/blog/authentication-bypass-phpbb-technical-writeup", "content": "", "creation_timestamp": "2026-07-03T04:00:54.957519Z"}, {"uuid": "8a20348a-ba0c-4101-ac56-1389b9d5abb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3mpsqqmdovk2k", "content": "\ud83d\udc49 PTT-2026-004 (CVE-2026-48611, 9.4): the PoC shows the full path from a single crafted request to a valid admin session. No credentials that work, no prior access, no user interaction. Just the request and the session cookie that _shouldn't_ exist.\n\nAND", "creation_timestamp": "2026-07-04T09:29:28.358277Z"}, {"uuid": "22ea5dd0-eceb-497e-bfb1-d06a70566caa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48612", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3mpsqqmdovk2k", "content": "\ud83d\udc49 PTT-2026-005 (CVE-2026-48612, 8.3): the PoC walks through the silent OAuth account takeover, including the case where the victim only has to load a forum post for the chain to fire.\n\npentest-tools.com/research/php...", "creation_timestamp": "2026-07-04T09:29:28.792217Z"}, {"uuid": "058122fe-b188-49bb-bda8-a9844b365d0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3mpsqqogfo22k", "content": "\ud83d\udc49 PTT-2026-004 (CVE-2026-48611, 9.4): the PoC shows the full path from a single crafted request to a valid admin session. No credentials that work, no prior access, no user interaction. Just the request and the session cookie that _shouldn't_ exist.\n\nAND", "creation_timestamp": "2026-07-04T09:29:29.216939Z"}, {"uuid": "78541b82-b6e5-4d2a-b8b2-02f924c7154a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48612", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3mpsqqogfo22k", "content": "\ud83d\udc49 PTT-2026-005 (CVE-2026-48612, 8.3): the PoC walks through the silent OAuth account takeover, including the case where the victim only has to load a forum post for the chain to fire.\n\npentest-tools.com/research/php...", "creation_timestamp": "2026-07-04T09:29:29.641412Z"}, {"uuid": "195ee082-8598-46f1-948a-8df61571c3dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3mpsqqpiqcc2k", "content": "\ud83d\udc49 PTT-2026-004 (CVE-2026-48611, 9.4): the PoC shows the full path from a single crafted request to a valid admin session. No credentials that work, no prior access, no user interaction. Just the request and the session cookie that _shouldn't_ exist.\n\nAND", "creation_timestamp": "2026-07-04T09:29:30.084249Z"}, {"uuid": "7319d9bc-6449-4159-b52e-056794429778", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48612", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3mpsqqpiqcc2k", "content": "\ud83d\udc49 PTT-2026-005 (CVE-2026-48612, 8.3): the PoC walks through the silent OAuth account takeover, including the case where the victim only has to load a forum post for the chain to fire.\n\npentest-tools.com/research/php...", "creation_timestamp": "2026-07-04T09:29:30.522452Z"}, {"uuid": "3d1ba36a-7ec6-48e9-8255-014c82f4c1a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/netalexx.bsky.social/post/3mpszfmkkxc2i", "content": "phpBB PTT-2026-004 (CVE-2026-48611) requires a single unauthenticated HTTP request and works on default phpBB installations. PTT-2026-005 (CVE-2026-48612) requires phpBB to have OAuth configured", "creation_timestamp": "2026-07-04T12:04:19.673743Z"}, {"uuid": "d481869a-19ca-4d49-afaf-65683bce3023", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48612", "type": "seen", "source": "https://bsky.app/profile/netalexx.bsky.social/post/3mpszfmkkxc2i", "content": "phpBB PTT-2026-004 (CVE-2026-48611) requires a single unauthenticated HTTP request and works on default phpBB installations. PTT-2026-005 (CVE-2026-48612) requires phpBB to have OAuth configured", "creation_timestamp": "2026-07-04T12:04:19.711743Z"}, {"uuid": "4c736185-ebc7-4bd4-9f7a-9f5628b956fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-48611.yaml", "content": "", "creation_timestamp": "2026-07-06T06:00:04.593147Z"}, {"uuid": "b1c8d381-978b-4435-9515-91c8bbfcbbe6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48614", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mpypo6pjat2j", "content": "CVE-2026-48614 - plesk\nAn attacker with a Plesk account can write files with root access, potentially leading to server compromise. This is a serious issue, as it allows unauthorized access to sensitive server\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#plesk #webpros #CVE #infosec", "creation_timestamp": "2026-07-06T18:26:05.908254Z"}, {"uuid": "57f7ca9e-7caf-4680-853f-fe8c08d9876b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48614", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpyzse3xqg2q", "content": "CVE-2026-48614 - Plesk XML API Improper Authorization Privilege Escalation\nCVE ID : CVE-2026-48614\n \n Published : July 6, 2026, 6:16 p.m. | 2\u00a0hours, 57\u00a0minutes ago\n \n Description : An improper authorization vulnerability in the Plesk XML API allows an authenticated user to inj...", "creation_timestamp": "2026-07-06T21:27:24.520122Z"}, {"uuid": "f162d2b7-7dd5-428d-a1b6-7468111e51d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-48611.yaml", "content": "", "creation_timestamp": "2026-07-07T00:00:02.942608Z"}, {"uuid": "e1cc215b-2e26-4789-b397-be310df855a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48614", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mq33v36shh22", "content": "CVE-2026-48614 - Critical arbitrary file write as root in Plesk XML API. CVSS 9.9. No patch available. Apply workarounds immediately. #CVE #Plesk #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-48614/", "creation_timestamp": "2026-07-07T17:10:01.633714Z"}, {"uuid": "b60ff761-28a5-4cdc-b90f-10db91b86c11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3mq7u47666s2y", "content": "\ud83c\udf10 Our research team found two authentication flaws in phpBB, one buried in the code for over a decade. There's a working PoC for each, and the Network Scanner now detects the most critical one - CVE-2026-48611 (9.4).", "creation_timestamp": "2026-07-09T14:34:10.372998Z"}, {"uuid": "b44aef4e-89c9-4ffd-8aa0-99e1bf9e7ea5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://t.me/GithubRedTeam/89613", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-48611-EXPLOIT\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Diznev\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-19 10:37:23\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-48611- authentication bypass in phpBB\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-13T22:00:22.894918Z"}, {"uuid": "35768e74-61fe-4c29-9b3b-2f64ec6f1ae4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://t.me/GithubRedTeam/89613", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-48611-EXPLOIT\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Diznev\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-19 10:37:23\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-48611- authentication bypass in phpBB\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-14T00:00:38.709960Z"}, {"uuid": "593429a1-0a94-4bfb-860e-49be1e7c1df0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/89613", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-48611-EXPLOIT\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Diznev\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-19 10:37:23\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-48611- authentication bypass in phpBB\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-15T00:00:17.751253Z"}, {"uuid": "d8694ba3-a082-40fd-8028-32390de57d1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "Telegram/p9-kuVV3i6o5oyhveGROV08VXkEXAoqv-Qhjrn4X5Lw6frU", "content": "", "creation_timestamp": "2026-07-16T19:00:18.135253Z"}, {"uuid": "4fc559cc-ce48-481e-bb97-e11a588128b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "Telegram/HeX7ZwgfClnVMcM_jrebWQOf2GFN8BPONV6LFlglDXbYYrI", "content": "", "creation_timestamp": "2026-07-16T19:00:17.932429Z"}, {"uuid": "d2d8406c-670d-4b00-835a-30e78dfb4d3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "Telegram/p9-kuVV3i6o5oyhveGROV08VXkEXAoqv-Qhjrn4X5Lw6frU", "content": "", "creation_timestamp": "2026-07-17T00:00:33.871386Z"}, {"uuid": "177637eb-08c1-43c0-9880-ada014ddc3f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "Telegram/HeX7ZwgfClnVMcM_jrebWQOf2GFN8BPONV6LFlglDXbYYrI", "content": "", "creation_timestamp": "2026-07-17T00:00:33.650006Z"}]}