{"vulnerability": "cve-2026-5078", "sightings": [{"uuid": "d5310e51-5ff5-48b2-92f6-9691d4e69128", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5078", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnew7lag7b2u", "content": "CVE-2026-5078 - morgan vulnerable to Log Forging via unneutralized control characters in :remote-user\nCVE ID : CVE-2026-5078\n \n Published : June 3, 2026, 8:16 a.m. | 16\u00a0minutes ago\n \n Description : Impact: The morgan logging middleware's :remote-user token extracts the Basic a...", "creation_timestamp": "2026-06-03T10:39:34.155752Z"}, {"uuid": "d6707699-0a17-4088-aa59-b6939c145b48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5078", "type": "seen", "source": "https://bsky.app/profile/ulisesgascon.com/post/3mndedxkb3s2m", "content": "\ud83d\udea8 Moderate-severity security fix in morgan@1.11.0 just released!\n\nPatches CVE-2026-5078 \u2014 morgan vulnerable to Log Forging via unneutralized control characters in :remote-user\n\ngithub.com/expressjs/mo...", "creation_timestamp": "2026-06-02T19:47:16.884209Z"}]}