{"uuid": "803495c9-89b3-4885-a6dd-f05affaf7bd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39910", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motoshdiat2m", "content": "\ud83d\udea8  ALERT: CVE-2026-39910\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nSTACKIT IaaS API contains a missing authorization check vulnerability that allows authenticated, low-privileged attackers to escalate privileges to full organization compromise by attaching arbitrary service accounts to virtual machines they contr", "creation_timestamp": "2026-06-22T01:02:05.279349Z"}