{"vulnerability": "cve-2026-9065", "sightings": [{"uuid": "21257883-0445-4957-9cb4-94224575d949", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9065", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmbpy7swfu2k", "content": "CVE-2026-9065 - Surecart - SQL Injection\nCVE ID : CVE-2026-9065\n \n Published : May 20, 2026, 9:16 a.m. | 58\u00a0minutes ago\n \n Description : SureCart version prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters ('model_name', 'model_id', 'integratio...", "creation_timestamp": "2026-05-20T10:44:54.022427Z"}, {"uuid": "03aaa9b6-85a5-4dcc-b94c-df5710ed0bad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9065", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116606083448306506", "content": "\ud83d\udea8 CRITICAL: CVE-2026-9065 in brainstormforce SureCart <4.2.1 allows authenticated SQL injection via REST API ('/surecart/v1/integrations/{id}'). Exploit bypasses escaping with a dot in payloads \u2014 full DB extraction possible. Patch now! https://radar.offseq.com/threat/cve-2026-9065-cwe-89-improper-neutralization-of-sp-8901e797 #OffSeq #SQLInjection #WordPress", "creation_timestamp": "2026-05-20T09:00:31.972714Z"}, {"uuid": "62f87981-4c1d-4207-a1ab-991127d0728b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9065", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mmbk5mxr6d2y", "content": "CRITICAL: CVE-2026-9065 in brainstormforce SureCart <4.2.1 enables authenticated SQL injection via REST API. Attackers can fully extract DB \u2014 update now! \ud83d\udea8 https://radar.offseq.com/threat/cve-2026-9065-cwe-89-improper-neutralization-of-sp-8901e797 #OffSeq #SQLInjection #WordPress", "creation_timestamp": "2026-05-20T09:00:33.864372Z"}]}