{"uuid": "33eb24c3-05fe-4eb3-a086-8ae8665d352e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4020", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3moqd2hn7lb2a", "content": "A 'medium' CVSS told you to skip this one.\n\nIt is dumping live Amazon SES and OAuth keys to anyone who asks, on 100,000 WordPress sites.\n\nPatching does not take the leaked keys back. Rotate them. (CVE-2026-4020)", "creation_timestamp": "2026-06-20T16:53:50.373798Z"}