{"vulnerability": "cve-2026-8786", "sightings": [{"uuid": "e05ecceb-d43e-4c14-8e2e-8da0744a8ece", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-8786", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mm475sogkr2f", "content": "Tencent WeKnora v0.3.0 \u2013 0.3.6 faces a MEDIUM auth bypass (CVE-2026-8786). No patch \u2014 lock down API access & watch for updates. https://radar.offseq.com/threat/cve-2026-8786-authorization-bypass-in-tencent-wekn-4ef018b6 #OffSeq #Tencent #Vulnerability", "creation_timestamp": "2026-05-18T06:00:30.180670Z"}, {"uuid": "f5d05a78-2663-4320-b104-fd64f5a1092e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-8786", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116594050785807637", "content": "\ud83d\udd0e CVE-2026-8786: Tencent WeKnora 0.3.0 \u2013 0.3.6 has a MEDIUM severity auth bypass in the Config API (kbId manipulation). No patch yet \u2014 restrict access & monitor updates. https://radar.offseq.com/threat/cve-2026-8786-authorization-bypass-in-tencent-wekn-4ef018b6 #OffSeq #Vulnerability #Tencent #AppSec", "creation_timestamp": "2026-05-18T06:00:48.450359Z"}, {"uuid": "564fe8d1-d176-4db4-98c3-df47976f8c39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8786", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mm4anl4eio2p", "content": "CVE-2026-8786 - Tencent WeKnora Config API Endpoint initialization.go getKnowledgeBaseForInitialization authorization\nCVE ID : CVE-2026-8786\n \n Published : May 18, 2026, 3 a.m. | 1\u00a0hour, 11\u00a0minutes ago\n \n Description : A vulnerability has been found in Tencent WeKnora up to 0....", "creation_timestamp": "2026-05-18T06:27:11.833243Z"}]}