{"uuid": "b571aafa-f464-47b6-b2c4-3bf9748b63e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11387", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mplcrcszoe25", "content": "CRITICAL (CVSS 9.8): cozyvision1 SMS Alert \u2013 SMS &amp; OTP for WooCommerce &lt;=3.9.5 lets unauth attackers hijack accounts via OTP flaw. Disable OTP resets or remove phone numbers until patched. https://radar.offseq.com/threat/cve-2026-11387-cwe-287-improper-authentication-in--cb792a6868247a84 #OffSeq ...", "creation_timestamp": "2026-07-01T10:30:36.578111Z"}