{"vulnerability": "cve-2026-5837", "sightings": [{"uuid": "a64953f8-9d1f-4a3a-9689-a2f5b7285b5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5837", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mizxm573fh2o", "content": "", "creation_timestamp": "2026-04-09T04:24:25.772597Z"}, {"uuid": "c205906f-cf20-4dd4-b19b-433beea39528", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5837", "type": "published-proof-of-concept", "source": "Telegram/qm3ZDWS3OwUpmw9ncg5iRXx1aqT9bGCn0-RoRVSAPQoeyYE", "content": "", "creation_timestamp": "2026-04-09T05:15:27.000000Z"}, {"uuid": "2adc656d-fe83-459c-9e83-addd4bb619a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58374", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpj67lqvub23", "content": "CVE-2026-58374 - hostapd: Out-of-bounds Write in AP-mode Wi-Fi 7 MLO Association Request Processing\nCVE ID : CVE-2026-58374\n \n Published : June 30, 2026, 12:35 p.m. | 1\u00a0hour, 10\u00a0minutes ago\n \n Description : In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 (IEE...", "creation_timestamp": "2026-06-30T14:03:47.017780Z"}, {"uuid": "0e999980-d3c3-4d17-9438-0505e9f2e4dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58370", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpjl75243h24", "content": "CVE-2026-58370 - Woodpecker\nCVE ID : CVE-2026-58370\n \n Published : June 30, 2026, 3:57 p.m. | 1\u00a0hour, 49\u00a0minutes ago\n \n Description : Woodpecker before 3.15.0 matches the ApprovalAllowedUsers bypass list against pipeline.Author. For the GitLab forge driver, pipeline.Author is ...", "creation_timestamp": "2026-06-30T17:56:14.401869Z"}, {"uuid": "f056f246-d35f-4888-b345-541c27e8e35f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58377", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpjlfnxyxp2d", "content": "CVE-2026-58377 - JeecgBoot 3.9.2 - Missing Authorization on OpenAPI Credential Management Endpoints Exposes Access/Secret Keys\nCVE ID : CVE-2026-58377\n \n Published : June 30, 2026, 3:59 p.m. | 1\u00a0hour, 46\u00a0minutes ago\n \n Description : JeecgBoot through 3.9.2 contains a broken ac...", "creation_timestamp": "2026-06-30T17:59:53.025922Z"}, {"uuid": "ba55c3d8-b9cc-461a-bde9-49e5dd01e854", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58371", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpjm7xuynj24", "content": "CVE-2026-58371 - SeaweedFS\nCVE ID : CVE-2026-58371\n \n Published : June 30, 2026, 3:57 p.m. | 1\u00a0hour, 48\u00a0minutes ago\n \n Description : SeaweedFS before 4.30 reflects the callback query parameter verbatim into responses served with Content-Type application/javascript in the share...", "creation_timestamp": "2026-06-30T18:14:31.858763Z"}, {"uuid": "53c225ec-a794-46eb-b5cb-f2cf73e0ff3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58372", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpjmudi45y2u", "content": "CVE-2026-58372 - SeaweedFS\nCVE ID : CVE-2026-58372\n \n Published : June 30, 2026, 3:57 p.m. | 1\u00a0hour, 48\u00a0minutes ago\n \n Description : SeaweedFS before 4.34 contains a path traversal vulnerability in the S3 gateway DeleteMultipleObjectsHandler that allows authenticated S3 princi...", "creation_timestamp": "2026-06-30T18:25:55.259051Z"}, {"uuid": "c273cf8f-e9c3-44f4-aea8-78f775602c44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58376", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpjn5cyb4w2m", "content": "CVE-2026-58376 - Dolibarr - SQL Injection via sqlfilters Parameter in Multiple REST API List Endpoints\nCVE ID : CVE-2026-58376\n \n Published : June 30, 2026, 3:59 p.m. | 1\u00a0hour, 47\u00a0minutes ago\n \n Description : Dolibarr through 23.0.3, fixed in commit 14db36e, contains a sql inj...", "creation_timestamp": "2026-06-30T18:30:56.800671Z"}, {"uuid": "d0c04f93-3699-4e0f-aed2-b5268dbbbf90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58373", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpjngbgrb32m", "content": "CVE-2026-58373 - CVAT\nCVE ID : CVE-2026-58373\n \n Published : June 30, 2026, 3:58 p.m. | 1\u00a0hour, 48\u00a0minutes ago\n \n Description : CVAT before 2.69.0 contains an improper authorization vulnerability in QualityReportViewSet.get_queryset that allows authenticated attackers to enume...", "creation_timestamp": "2026-06-30T18:35:57.085798Z"}, {"uuid": "8c6e3c44-298c-4c98-8d83-0db8576241cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58375", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpjnp7uyku23", "content": "CVE-2026-58375 - JimuReport 2.5.0 - Unauthenticated Report Export via /jmreport/auto/export\nCVE ID : CVE-2026-58375\n \n Published : June 30, 2026, 3:58 p.m. | 1\u00a0hour, 47\u00a0minutes ago\n \n Description : JimuReport through 2.5.0 exposes the POST /jmreport/auto/export endpoint withou...", "creation_timestamp": "2026-06-30T18:40:57.327025Z"}, {"uuid": "3cea8db8-c18e-4f62-94d0-923d0c7098ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58371", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpndoycmhy2i", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-58371 \u0432 SeaweedFS: \u0443\u0433\u0440\u043e\u0437\u0430 \u043e\u0442\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u0430\n\n\n\nhttps://kripta.biz/posts/BB65E6C0-C1C7-4938-9809-CE375D4B748B", "creation_timestamp": "2026-07-02T05:52:31.014078Z"}, {"uuid": "7c91a1e4-3129-42b1-b54d-a6e3a52a2452", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58372", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpndwv4afe2t", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-58372 \u0432 SeaweedFS: \u0443\u0433\u0440\u043e\u0437\u0430 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445\n\n\n\nhttps://kripta.biz/posts/37685DD9-0C37-4E00-A2CB-002F3BF8DB4B", "creation_timestamp": "2026-07-02T05:56:59.923423Z"}, {"uuid": "01c79396-a921-4f37-98a0-8fd5a96397cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58377", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpne2y63yj22", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-58377 \u0432 JeecgBoot: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/7F9E992E-9AD2-4FEE-A6A9-519F99B003F8", "creation_timestamp": "2026-07-02T05:59:13.485023Z"}, {"uuid": "f6310752-09ee-4a4e-90ac-4bc6d0d3ffe9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58370", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpnejmuv3z2u", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-58370 \u0432 Woodpecker: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/F5A55508-4624-465B-824A-9767084DE4B0", "creation_timestamp": "2026-07-02T06:07:28.829629Z"}, {"uuid": "eda3c30b-17c0-4680-a767-f1f607ddaff8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58376", "type": "seen", "source": "https://bsky.app/profile/qiancx.bsky.social/post/3mpqce4xggx2r", "content": "\u6df1\u5ea6\u89e3\u6790Dolibarr 23.0.3 SQL\u6ce8\u5165\u6f0f\u6d1e(CVE-2026-58376)\u53ca\u5b89\u5168\u9632\u62a4\u6307\u5357\n\n\n\nhttps://qian.cx/posts/162F2344-5F2D-48E5-AFAA-BEA083580388", "creation_timestamp": "2026-07-03T10:06:32.128309Z"}, {"uuid": "3ba9267d-92c6-422a-bcce-f2d853de3e61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58376", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpqce6szcw2c", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432 Dolibarr: \u0430\u043d\u0430\u043b\u0438\u0437 CVE-2026-58376 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/142339F1-5560-4D06-ABAC-D9B5DB4BDEA8", "creation_timestamp": "2026-07-03T10:06:33.988977Z"}, {"uuid": "09fa85d7-3913-48e8-a258-8703ee80b8b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58373", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpqcewhilr2o", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-58373 \u0432 CVAT: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/FAE5FC1B-54A9-480B-B12F-3757409074B6", "creation_timestamp": "2026-07-03T10:06:58.756517Z"}, {"uuid": "6a413c6b-ef5c-4a66-aa41-5fa8444f6905", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58373", "type": "seen", "source": "https://bsky.app/profile/qiancx.bsky.social/post/3mpqcfe3a6322", "content": "CVAT 2.69.0 \u4e4b\u524d\u7248\u672c\u5b58\u5728\u6743\u9650\u9a8c\u8bc1\u6f0f\u6d1e(CVE-2026-58373)\u6df1\u5ea6\u89e3\u6790\u4e0e\u5b89\u5168\u9632\u62a4\u6307\u5357\n\n\n\nhttps://qian.cx/posts/E8353DCF-C158-41CB-B19B-B112FEF53431", "creation_timestamp": "2026-07-03T10:07:13.459065Z"}, {"uuid": "724103e1-f2b1-4cdb-bf6e-0093d97b7e49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58379", "type": "seen", "source": "https://bsky.app/profile/malwareobserver.bsky.social/post/3mprceilsjt24", "content": "\ud83d\udc1b VULNERABILITIES CVE Notify: \ud83d\udea8 [CVE-2026-58379](https://access.redhat.com/security/cve/CVE-2026-58379)\nA flaw was found in GIMP'...\nhttps://access.redhat.com/security/cve/CVE-2026-58379 #Vulnerability #CVE #ZeroDay", "creation_timestamp": "2026-07-03T19:39:24.024693Z"}, {"uuid": "06a8365f-1eb4-4761-b914-f33ab6ebae1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58379", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mprkdhbnlb2f", "content": "GIMP\u306ePSP\u30d5\u30a1\u30a4\u30eb\u30d1\u30fc\u30b5\u30fc\u306b\u30d2\u30fc\u30d7\u30d0\u30c3\u30d5\u30a1\u30aa\u30fc\u30d0\u30fc\u30d5\u30ed\u30fc\u8106\u5f31\u6027\u3002\u7d30\u5de5\u3055\u308c\u305fPSP\u753b\u50cf\u3092\u958b\u304f\u3068\u3001\u30b3\u30fc\u30c9\u5b9f\u884c\u3084\u30b5\u30fc\u30d3\u30b9\u62d2\u5426\u306e\u53ef\u80fd\u6027\u3002\nCVE-2026-58379 CVSS 7.3 | HIGH", "creation_timestamp": "2026-07-03T22:01:58.922682Z"}, {"uuid": "c3f804f6-64bb-45a6-9330-788017ee5ece", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58379", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mprlvkwgk32r", "content": "CVE-2026-58379 - Gimp: gimp: heap buffer overflow in read_channel_data()\nCVE ID : CVE-2026-58379\n \n Published : July 3, 2026, 6:29 p.m. | 3\u00a0hours, 18\u00a0minutes ago\n \n Description : A flaw was found in GIMP's Paint Shop Pro (PSP) file format parser. This heap buffer overflow vuln...", "creation_timestamp": "2026-07-03T22:30:00.753385Z"}, {"uuid": "2d3e2778-3634-4d7e-8f60-7b6a77614fdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58374", "type": "seen", "source": "https://bsky.app/profile/bootintel.bsky.social/post/3mpy2c74dl62h", "content": "MEDIUM severity CVE just published in hostapd:\n\nCVE-2026-58374. In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 (IEEE 802.11be) Multi-Link Operation (MLO) association request processing allows an unauthenticated attacker within wi\u2026\n\nnvd.nist.gov/vuln/detail/CVE-2026-58374", "creation_timestamp": "2026-07-06T12:03:35.364696Z"}, {"uuid": "7a573b31-6526-470e-8596-05122569dfa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58378", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqacm3aa3b2x", "content": "CVE-2026-58378 - Allwinner TV Box TV98 ADB exposed on network\nCVE ID : CVE-2026-58378\n \n Published : July 9, 2026, 6:16 p.m. | 15\u00a0minutes ago\n \n Description : Allwinner H616 TV Box TV98 has ADB enabled and exposed to the network on production. An attacker could request for ADB...", "creation_timestamp": "2026-07-09T18:53:34.740152Z"}]}