{"vulnerability": "cve-2026-4878", "sightings": [{"uuid": "db7254f2-c2b3-424d-ae56-9edf4ae91b75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48784", "type": "seen", "source": "https://bsky.app/profile/symfony.com/post/3mmtaxwk33y23", "content": "\ud83d\udd10 CVE-2026-48784: UrlGenerator Encoding Skips Every Other Chained ../ or ./: Generated URL Collapses Off-Route\n\u27a1\ufe0f https://symfony.com/blog/cve-2026-48784-urlgenerator-encoding-skips-every-other-chained-or-generated-url-collapses-off-route", "creation_timestamp": "2026-05-27T10:04:13.294454Z"}, {"uuid": "2d386485-83ab-4b34-b787-f40935b28ec4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4878", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mjhhcqfm6j26", "content": "", "creation_timestamp": "2026-04-14T13:10:07.654303Z"}, {"uuid": "85ff01c7-f163-4ef3-8bbc-d2a49b474bbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48784", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmtq4e3x7q2h", "content": "\ud83d\udd17 CVE : CVE-2026-48489, CVE-2026-48736, CVE-2026-48747, CVE-2026-48760, CVE-2026-48761, CVE-2026-48784", "creation_timestamp": "2026-05-27T14:35:08.840628Z"}, {"uuid": "fa9ad410-5fbc-464a-902b-69a8b91c1922", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48785", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mo665pux3s2w", "content": "\ud83d\udc27 Proteja seu Apptainer no Fedora! Script + mitiga\u00e7\u00e3o + comandos reais para verificar e corrigir a falha CVE-2026-48785. Conte\u00fado perene: \u00fatil por anos.  Saiba mais: -> tinyurl.com/ymky4h28  #Fedora", "creation_timestamp": "2026-06-13T11:39:48.380992Z"}, {"uuid": "7f203008-56b1-4347-b394-8fa9bff01a25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48780", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mog67gafbm25", "content": "\ud83d\udfe0 CVE-2026-48780 - High (8.2)\n\nForem is open source software for building communities. Prior to commit a2ab6d4, a maliciously cr...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-48780/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-16T16:00:31.108978Z"}, {"uuid": "ff9483d0-835b-49b5-947c-f717c04c4765", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48780", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogf2rqlzg2c", "content": "CVE-2026-48780 - Forem vulnerable to bypass of email address domain restrictions\nCVE ID : CVE-2026-48780\n \n Published : June 16, 2026, 3:16 p.m. | 1\u00a0hour, 52\u00a0minutes ago\n \n Description : Forem is open source software for building communities. Prior to commit a2ab6d4, a malicio...", "creation_timestamp": "2026-06-16T18:03:10.686368Z"}, {"uuid": "38fa3e06-7edd-427c-a026-4db2c573c100", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48788", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogyvk4rbf2f", "content": "CVE-2026-48788 - Remark42: Cross-Site Scripting (XSS) on /api/v1/img via content-type spoofing\nCVE ID : CVE-2026-48788\n \n Published : June 16, 2026, 10:29 p.m. | 1\u00a0hour, 3\u00a0minutes ago\n \n Description : Remark42 is a self-hosted comment engine for blogs, articles, or any other p...", "creation_timestamp": "2026-06-16T23:58:10.425749Z"}, {"uuid": "bee121c0-7248-4192-a00f-940cd52ef817", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48781", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogz6imvsz26", "content": "CVE-2026-48781 - Postiz has cross-tenant SUPERADMIN takeover via Skool-provider JWT forgery\nCVE ID : CVE-2026-48781\n \n Published : June 16, 2026, 9:31 p.m. | 2\u00a0hours, 1\u00a0minute ago\n \n Description : Postiz is an AI social media scheduling tool. In versions prior to 2.21.8, the S...", "creation_timestamp": "2026-06-17T00:03:10.891073Z"}, {"uuid": "4178373b-50ab-499b-a7ab-c75d5428c7af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48783", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogznfyenc2x", "content": "CVE-2026-48783 - Postiz has an unauthenticated billing-enforcement bypass via /public/modify-subscription\nCVE ID : CVE-2026-48783\n \n Published : June 16, 2026, 9:38 p.m. | 1\u00a0hour, 54\u00a0minutes ago\n \n Description : Postiz is an AI social media scheduling tool. Versions prior to 2...", "creation_timestamp": "2026-06-17T00:11:30.602099Z"}, {"uuid": "293dcc04-fd0a-4aaf-9d55-678d1a8a8cf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48782", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogzzvej3z22", "content": "CVE-2026-48782 - pydantic-ai: SSRF blocklist bypass via IPv4-compatible, SIIT/IVI, and local NAT64 IPv6 addresses (incomplete fix of CVE-2026-46678)\nCVE ID : CVE-2026-48782\n \n Published : June 16, 2026, 10:49 p.m. | 43\u00a0minutes ago\n \n Description : Pydantic AI is a Python agent...", "creation_timestamp": "2026-06-17T00:18:29.322657Z"}]}