{"vulnerability": "cve-2026-5674", "sightings": [{"uuid": "efb44613-f7a6-430e-8497-e1ebd8dd93a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5674", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mqrgbdys5a2o", "content": "A flaw in PipeWire, the audio server on most Linux desktops (CVE-2026-5674), lets a sandboxed app load a malicious library and escape its Flatpak or Snap sandbox.\n\nLocal, and no exploit reported yet.\n\nFix: disable optional audio module loading, then patch.", "creation_timestamp": "2026-07-16T14:14:25.786259Z"}, {"uuid": "e401fb6b-bc19-4087-a8ca-e85c9d37578f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5674", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116930114006202187", "content": "We have just added an important vulnerability affecting Red Hat PipeWire (CVE-2026-5674) https://vuldb.com/vuln/379530", "creation_timestamp": "2026-07-16T14:25:45.353282Z"}, {"uuid": "a726e43e-5521-4000-95ac-018dc15268d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5674", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqriagxaqx2x", "content": "CVE-2026-5674 - Pipewire: pipewire: sandbox escape and arbitrary code execution via malicious library loading\nCVE ID : CVE-2026-5674\n \n Published : July 16, 2026, 2:16 p.m. | 17\u00a0minutes ago\n \n Description : A flaw was found in PipeWire, a multimedia server. This vulnerability ...", "creation_timestamp": "2026-07-16T14:49:42.755859Z"}, {"uuid": "9a1821d6-faed-4df4-a0c7-27ed761d8a6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56741", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mquyl3hgcb2a", "content": "CVE-2026-56741 - JLine: Unauthenticated Remote DoS via Unbounded Telnet NAWS Terminal Geometry\nCVE ID : CVE-2026-56741\n \n Published : July 17, 2026, 10:17 p.m. | 1\u00a0hour, 20\u00a0minutes ago\n \n Description : JLine is a Java library for handling console input. Prior to 3.30.14, 4.0.1...", "creation_timestamp": "2026-07-18T00:19:58.455414Z"}, {"uuid": "a07a965c-0190-4b15-8a54-88df28e6f563", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56740", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mquytzuy6y2i", "content": "CVE-2026-56740 - JLine: Unauthenticated Remote Memory Exhaustion via Unbounded Telnet NEW-ENVIRON Variables\nCVE ID : CVE-2026-56740\n \n Published : July 17, 2026, 10:17 p.m. | 1\u00a0hour, 20\u00a0minutes ago\n \n Description : JLine is a Java library for handling console input. Prior to 3...", "creation_timestamp": "2026-07-18T00:24:58.865751Z"}, {"uuid": "df70f7ee-c5a2-43cc-8636-b85e0bd3235b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56740", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqviazwau42g", "content": "\ud83d\udfe0 CVE-2026-56740 - High (7.5)\n\nJLine is a Java library for handling console input. Prior to 3.30.14, 4.0.16, and 4.2.1, the JLin...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-56740/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-18T05:00:42.046733Z"}, {"uuid": "d4b9d581-379b-4eab-9233-45c883640762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56741", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqvibaehij2c", "content": "\ud83d\udfe0 CVE-2026-56741 - High (7.5)\n\nJLine is a Java library for handling console input. Prior to 3.30.14, 4.0.16, and 4.2.1, the JLin...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-56741/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-18T05:00:48.180499Z"}, {"uuid": "45f25a08-fffd-463f-9d50-b8ce2e6edfc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56740", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mqvw5hjsmf23", "content": "CVE-2026-56740 - DoS in JLine Telnet server. Unauthenticated attackers can flood env variables to exhaust JVM heap memory. CVSS 7.5. No patch yet - disable telnet module if possible. #CVE #infosec #Java\n\nhttps://www.valtersit.com/cve/CVE-2026-56740/", "creation_timestamp": "2026-07-18T09:09:13.498674Z"}, {"uuid": "d1843bc9-3924-4d5e-9eac-ed0cf3b6a5ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56740", "type": "seen", "source": "https://mastodon.social/users/hugovalters/statuses/116940194970389086", "content": "CVE-2026-56740 - DoS in JLine Telnet server. Unauthenticated attackers can flood env variables to exhaust JVM heap memory. CVSS 7.5. No patch yet - disable telnet module if possible. #CVE #infosec #Java\nhttps://www.valtersit.com/cve/CVE-2026-56740/", "creation_timestamp": "2026-07-18T09:09:28.946255Z"}]}