{"vulnerability": "cve-2026-4987", "sightings": [{"uuid": "70965fcc-5869-4331-8b3a-5dedee18a483", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4987", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mi3ka6v5k327", "content": "", "creation_timestamp": "2026-03-28T02:05:14.161720Z"}, {"uuid": "65e39bfc-c8e5-4997-a986-eaa2b3729402", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4987", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mi3tfi5rvw2o", "content": "", "creation_timestamp": "2026-03-28T04:49:15.236609Z"}, {"uuid": "5a7c7ca5-2b0d-45ce-beb7-d8d585bd114c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-4987", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116305273346870948", "content": "", "creation_timestamp": "2026-03-28T06:00:34.394432Z"}, {"uuid": "7ee24d25-9675-40b2-9a5f-4928379172de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-4987", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mi3xezlxof26", "content": "", "creation_timestamp": "2026-03-28T06:00:35.408771Z"}, {"uuid": "f044d409-b166-4934-a12f-59f33959ef7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-4987", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116309400818400329", "content": "", "creation_timestamp": "2026-03-28T23:30:14.827775Z"}, {"uuid": "c3140ced-4211-400f-9537-46a8fc74e7fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4987", "type": "seen", "source": "Telegram/HQHk6b46qFnTAF0zr_kYdi4jZ1-94Qa5IEvzqYOSjpwlfy8", "content": "", "creation_timestamp": "2026-03-28T03:16:54.000000Z"}, {"uuid": "b3284866-c330-4ceb-aa59-d47e6a810762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49875", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mnzq3qks772t", "content": "CVE-2026-49875: Apache CXF: XML External Entity (XXE) Injection in W3CMultiSchemaFactory and EndpointReferenceUtils", "creation_timestamp": "2026-06-11T17:15:57.338657Z"}, {"uuid": "10eadd50-2caa-4e11-927d-184beb938192", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49875", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3modpy476mu2v", "content": "\ud83d\udea8 CRITICAL ALERT: CVE-2026-49875\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nApache CXF's EndpointReferenceUtils and W3CMultiSchemaFactory classes construct a SAXParserFactory without the necessary JAXP hardening configurations, enabling out-of-band (OOB) \nexternal entity resolution.\u00a0Users are recommended to upgrad", "creation_timestamp": "2026-06-15T16:40:32.796970Z"}, {"uuid": "654522ea-c085-46b4-969a-3b914614ca83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49871", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3monnobmqmq2v", "content": "CVE-2026-49871: Apache APISIX: cas-auth login CSRF / session injection issue", "creation_timestamp": "2026-06-19T15:25:52.809042Z"}, {"uuid": "ddcace2a-70b4-4c0c-8d44-5b0c57995bb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49872", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3monocokqpd2x", "content": "CVE-2026-49872: Apache APISIX: Improper authentication in cas-auth plugin", "creation_timestamp": "2026-06-19T15:37:17.406858Z"}, {"uuid": "3d5f934a-b981-4ec8-af2c-9edbc2dcd5b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49871", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116781763259383270", "content": "A lot of offensive activities were identified targeting Apache APISIX (CVE-2026-49871) https://vuldb.com/vuln/372401/cti", "creation_timestamp": "2026-06-20T09:38:14.531453Z"}, {"uuid": "82692654-2027-49ef-b152-02129efb3fa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49877", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mphfqgcalh2q", "content": "CVE-2026-49877: Apache ActiveMQ: Authenticated web users retain admin access by default in the Web Console", "creation_timestamp": "2026-06-29T21:13:08.162235Z"}, {"uuid": "62076485-c56d-4056-a001-42e44f64298b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49877", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpqf7sfqii26", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-49877 \u0432 Apache ActiveMQ: \u0443\u0433\u0440\u043e\u0437\u0430 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/4DDD29AA-A73F-4235-AD75-3912EA28163D", "creation_timestamp": "2026-07-03T10:57:48.253367Z"}, {"uuid": "8a84b9df-99c4-47ed-8f77-1d326f56c035", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49876", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mqit4ca7od2c", "content": "CVE-2026-49876: Apache Gravitino: Authenticated SSRF in Gravitino JobManager allows server-side HTTP requests to internal network and cloud metadata endpoints via unvalidated job template URIs", "creation_timestamp": "2026-07-13T04:10:16.518466Z"}, {"uuid": "50cdec41-462f-4b9f-bef8-ddf63dab2fb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49876", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqkeqdsbpl2i", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-49876 \u0432 Gravitino: \u0443\u0433\u0440\u043e\u0437\u0430 SSRF \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/44EE2558-FB33-4A63-AA44-854EB766D474", "creation_timestamp": "2026-07-13T18:58:22.660161Z"}, {"uuid": "7ba409d5-4b7b-4e8e-8bb3-19596f9bc07f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49876", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqlcpajd5b2s", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-49876 \u0432 Gravitino: \u0443\u0433\u0440\u043e\u0437\u0430 SSRF \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/2140D778-8E1C-4260-8372-D2C358032FEB", "creation_timestamp": "2026-07-14T03:54:38.076830Z"}]}