{"vulnerability": "cve-2026-56382", "sightings": [{"uuid": "094e0451-8c87-498c-8958-3e91663f39d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56382", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3motvg3g7qm2x", "content": "HIGH severity RCE (CVE-2026-56382) impacts Craft CMS 5.5.0 \u2013 5.9.13. Authenticated admins can inject code and access secrets. Upgrade to 5.9.14+ ASAP. https://radar.offseq.com/threat/cve-2026-56382-improper-control-of-generation-of-c-a60c46eab20e347b #OffSeq #CraftCMS #Vulnerability", "creation_timestamp": "2026-06-22T03:00:26.928854Z"}, {"uuid": "9eaf2983-4987-4b35-84b1-a2a0c452da4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56382", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116791523679077429", "content": "CVE-2026-56382: HIGH severity RCE in Craft CMS (5.5.0 \u2013 5.9.13). Authenticated admins can inject code via FieldsController, leaking sensitive env vars. Patch now by upgrading to 5.9.14+. https://radar.offseq.com/threat/cve-2026-56382-improper-control-of-generation-of-c-a60c46eab20e347b #OffSeq #CraftCMS #RCE #Vuln", "creation_timestamp": "2026-06-22T03:00:28.721017Z"}]}