{"vulnerability": "cve-2026-9312", "sightings": [{"uuid": "cb2731d7-cfdd-4258-a007-773a5211e8c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9312", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116643949752477544", "content": "\ud83d\udea8 CRITICAL: CVE-2026-9312 (SSRF) in GitHub Enterprise Server 3.16.0 \u2013 3.21.0 lets unauth attackers access internal services via crafted uploads. Patch to 3.16.20+ ASAP! Details: https://radar.offseq.com/threat/cve-2026-9312-cwe-918-server-side-request-forgery--b1f49fcb #OffSeq #SSRF #GitHub #Vuln", "creation_timestamp": "2026-05-27T01:30:25.774276Z"}, {"uuid": "10a36936-9884-48dd-8f34-f4aaf1669956", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9312", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mmsebabvvk26", "content": "CRITICAL: CVE-2026-9312 in GitHub Enterprise Server enables unauth attackers to hit internal services via SSRF. Patch to 3.16.20+ ASAP. Details: https://radar.offseq.com/threat/cve-2026-9312-cwe-918-server-side-request-forgery--b1f49fcb #OffSeq #SSRF #GitHubSecurity", "creation_timestamp": "2026-05-27T01:30:28.076028Z"}, {"uuid": "fc4f3671-9c06-4d9c-b7fc-289c754d34f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9312", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmsepcasdg2c", "content": "CVE-2026-9312 - Server-Side Request Forgery vulnerability in GitHub Enterprise Server allowed access to internal services via path traversal in upload endpoint\nCVE ID : CVE-2026-9312\n \n Published : May 27, 2026, 12:16 a.m. | 15\u00a0minutes ago\n \n Description : A server-side reques...", "creation_timestamp": "2026-05-27T01:38:18.977641Z"}]}