{"vulnerability": "CVE-2026-1010", "sightings": [{"uuid": "7361aa82-aad7-4440-8892-3e32a7db89c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-1010", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mcis7pzh4e2u", "content": "", "creation_timestamp": "2026-01-16T00:01:36.659961Z"}, {"uuid": "a53bc8f6-43c8-42a4-bdde-b81777344a7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10108", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmzdp6japs2h", "content": "CVE-2026-10108 - xiaomusic 0.5.7 Path Traversal via GET /music endpoint\nCVE ID : CVE-2026-10108\n \n Published : May 29, 2026, 6:16 p.m. | 55\u00a0minutes ago\n \n Description : xiaomusic v0.5.7 contains an unauthenticated path traversal vulnerability in the GET /music/{file_path:path}...", "creation_timestamp": "2026-05-29T20:08:59.445774Z"}, {"uuid": "3a9269a1-c005-4f78-8814-10cef41ddaaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10105", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmzdsekh3l2s", "content": "CVE-2026-10105 - agno 2.6.5 SQL Injection via ClickHouse delete_by_metadata()\nCVE ID : CVE-2026-10105\n \n Published : May 29, 2026, 6:16 p.m. | 55\u00a0minutes ago\n \n Description : agno 2.6.5 contains a SQL injection vulnerability in the ClickHouse vector database backend that allow...", "creation_timestamp": "2026-05-29T20:10:46.486589Z"}, {"uuid": "b843f691-e987-4544-8501-22ce5db9d9ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10105", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mmzlfnbqri2v", "content": "agno 2.6.5\u3067ClickHouse\u30d0\u30c3\u30af\u30a8\u30f3\u30c9\u306bSQL\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u8106\u5f31\u6027\u3002\u653b\u6483\u8005\u306f\u30e1\u30bf\u30c7\u30fc\u30bf\u30ad\u30fc\u30fb\u5024\u306b\u60aa\u610f\u306e\u3042\u308b\u6587\u5b57\u5217\u3092\u6df7\u5165\u3055\u305b\u3001\u5168\u884c\u524a\u9664\u3001\u7279\u5b9a\u884c\u524a\u9664\u3001\u60c5\u5831\u62bd\u51fa\u304c\u53ef\u80fd\u3002\nCVE-2026-10105 CVSS 8.3 | HIGH", "creation_timestamp": "2026-05-29T22:26:49.484953Z"}, {"uuid": "4778310b-2fab-4e96-8ae8-fa63175fe28b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10107", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mmzlicfzir2o", "content": "MoviePilot v2\u306e\u753b\u50cf\u30d7\u30ed\u30ad\u30b7\u306bSSRF\u8106\u5f31\u6027\u3002\u8a8d\u8a3c\u6e08\u307f\u653b\u6483\u8005\u304c\u3001Cookie\u3068URL\u3067\u4efb\u610f\u306eURL\u3092\u8981\u6c42\u53ef\u80fd\u3002\u5185\u90e8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306e\u30b5\u30fc\u30d3\u30b9\u60c5\u5831\u6f0f\u6d29\u3084\u30c7\u30fc\u30bf\u7a83\u76d7\u306e\u53ef\u80fd\u6027\u304c\u3042\u308b\u3002\nCVE-2026-10107 CVSS 7.7 | HIGH", "creation_timestamp": "2026-05-29T22:28:33.308457Z"}, {"uuid": "67a71cd7-9ba2-4219-8a16-9456c9e5267d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10105", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mn3tqrfgri2m", "content": "\ud83d\udfe0 CVE-2026-10105 - High (8.3)\n\nagno 2.6.5 contains a SQL injection vulnerability in the ClickHouse vector database backend that ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-10105/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-30T20:01:32.729635Z"}, {"uuid": "3bf7e4e6-3d2a-4f57-8f2c-c6bf12aedfd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10107", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mn3tqyigao2p", "content": "\ud83d\udfe0 CVE-2026-10107 - High (7.7)\n\nMoviePilot v2 contains a server-side request forgery vulnerability in the image proxy endpoint th...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-10107/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-30T20:01:40.416831Z"}, {"uuid": "359c147e-2348-400f-a19a-5c03806ce71e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10108", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mn3x35uqub2h", "content": "\ud83d\udfe0 CVE-2026-10108 - High (7.5)\n\nxiaomusic v0.5.7 contains an unauthenticated path traversal vulnerability in the GET /music/{file...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-10108/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-30T21:01:03.306922Z"}]}