{"vulnerability": "cve-2026-5447", "sightings": [{"uuid": "c7e73d92-65fd-430a-91ff-7424b23fb2a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54479", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-176-02", "content": "", "creation_timestamp": "2026-06-25T17:15:19.508709Z"}, {"uuid": "bf420a33-3fef-43f6-91ad-f699e6c4e018", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54479", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp5hbievx22w", "content": "CVE-2026-54479 - EVoke Systems EVoke CSMS Insufficient Session Expiration\nCVE ID : CVE-2026-54479\n \n Published : June 25, 2026, 8:56 p.m. | 48\u00a0minutes ago\n \n Description : The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multipl...", "creation_timestamp": "2026-06-25T22:13:57.262584Z"}, {"uuid": "95e69e68-475f-40a9-afcd-5d319ce1be1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54479", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mp5kgsxaoa2v", "content": "CVE-2026-54479 - DoS in Websocket backend. Predictable session IDs allow auth bypass or resource exhaustion. CVSS 7.3. No patch yet. Monitor systems closely. #CVE #infosec #cybersecurity\n\nhttps://www.valtersit.com/cve/CVE-2026-54479/", "creation_timestamp": "2026-06-25T23:10:37.156004Z"}, {"uuid": "b6830918-4c71-4a0d-a6da-26fba95689b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54475", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mphhdvij522x", "content": "CVE-2026-54475: Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Temporary destination ownership takeover", "creation_timestamp": "2026-06-29T21:41:55.247083Z"}, {"uuid": "26b6f59d-c1f0-4792-8fec-d80cfeac1c95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54477", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-183-03", "content": "", "creation_timestamp": "2026-07-02T17:15:07.407219Z"}, {"uuid": "2c61ae2e-b7a1-453e-83d2-fc611758197a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54475", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mpph6qinrz2a", "content": "Nine Apache ActiveMQ vulnerabilities allow denial of service and a temporary destination takeover (CVE-2026-54475). Upgrade to 6.2.7 now.\n\n#ApacheActiveMQ #ActiveMQ #CVE202654475 #DenialOfService #OpenWire #STOMP #MessageBroker #Vulnerability", "creation_timestamp": "2026-07-03T02:00:20.869129Z"}, {"uuid": "0ba543d1-6115-4070-ada0-8b7271240066", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54477", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mppjau64lu2s", "content": "CVE-2026-54477 - Gardyn IoT Hub Improper Neutralization of HTTP Headers for Scripting Syntax\nCVE ID : CVE-2026-54477\n \n Published : July 2, 2026, 11:52 p.m. | 1\u00a0hour, 54\u00a0minutes ago\n \n Description : The admin panel lacks standard security headers, enabling clickjacking and cro...", "creation_timestamp": "2026-07-03T02:37:18.594114Z"}, {"uuid": "033bff1c-46a1-4698-b3ef-3bdee091b855", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54477", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpra4egnwq2y", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-54477: \u041e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0445 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0430\u0434\u043c\u0438\u043d-\u043f\u0430\u043d\u0435\u043b\u044f\u0445\n\n\n\nhttps://kripta.biz/posts/5532663C-5370-4650-81E8-D175F7E1DC38", "creation_timestamp": "2026-07-03T18:59:03.689204Z"}, {"uuid": "54dfaa09-e8bc-423a-b6bf-6d064a687191", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54477", "type": "seen", "source": "https://t.me/GithubRedTeam/91660", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #XSS #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-54477\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a MichaelAdamGroberman\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-02 22:00:01\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-54477: Admin Panel Missing Security Headers (clickjacking/XSS) - Gardyn (ICSA-26-183-03)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-13T22:00:13.985629Z"}, {"uuid": "b046e820-c6c0-4d3d-b579-9dccbf905c3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54477", "type": "seen", "source": "https://t.me/GithubRedTeam/91660", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #XSS #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-54477\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a MichaelAdamGroberman\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-02 22:00:01\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-54477: Admin Panel Missing Security Headers (clickjacking/XSS) - Gardyn (ICSA-26-183-03)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-14T00:00:21.874341Z"}, {"uuid": "ebe493f6-fd78-4558-98d2-57835b6356db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54477", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/91660", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #XSS #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-54477\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a MichaelAdamGroberman\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-02 22:00:01\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-54477: Admin Panel Missing Security Headers (clickjacking/XSS) - Gardyn (ICSA-26-183-03)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-15T00:00:28.166568Z"}]}