{"vulnerability": "CVE-2026-1084", "sightings": [{"uuid": "11057929-6552-4a6e-9f79-6d42d946074a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-1084", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3md5znczj2r2m", "content": "", "creation_timestamp": "2026-01-24T10:40:22.132606Z"}, {"uuid": "9b15f3d7-83b5-4e22-8f91-0500cd43e64a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10840", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/116692281779225455", "content": "https://access.redhat.com/security/cve/cve-2026-10840\n\nA flaw was found in the OpenShift Pipelines operator. The tekton-scheduler-rolebinding ClusterRoleBinding grants the system:authenticated group write access to Kueue and cert-manager custom resources via the tekton-scheduler-role ClusterRole. When Kueue or cert-manager CRDs are present on the cluster, any authenticated user can disrupt workload scheduling, tamper with scheduling priorities, delete other tenants' Workload objects, or induce cert-manager to overwrite TLS Secrets including the default ingress controller certificate.", "creation_timestamp": "2026-06-04T14:21:53.814832Z"}, {"uuid": "bf70b1e6-fe95-4fad-8034-3c9a3b94e6f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10846", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnwf53vrkt2m", "content": "CVE-2026-10846 - Insufficient verification that responses belong to a query\nCVE ID : CVE-2026-10846\n \n Published : June 10, 2026, 7:16 a.m. | 41\u00a0minutes ago\n \n Description : NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as (stub) resolver ...", "creation_timestamp": "2026-06-10T09:21:52.484294Z"}, {"uuid": "deb995ee-34fe-4315-85d1-eb6afb1736de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10846", "type": "seen", "source": "https://social.nlnetlabs.nl/users/nlnetlabs/statuses/116726018811865481", "content": "Today we released ldns 1.9.1, which contains a security fix for CVE-2026-10846: Insufficient verification that responses belong to a query. Thanks Pablo Ruiz from \u2018codecome.ai\u2019 for the report.\nRead more in the release post:https://community.nlnetlabs.nl/t/ldns-1-9-1-released/3403\n#DNS #OpenSource", "creation_timestamp": "2026-06-10T13:22:16.782148Z"}, {"uuid": "58576b35-51c6-49cc-820e-72943174ac7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10847", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnzijoxr3c2l", "content": "\ud83d\udfe0 CVE-2026-10847 - High (7.8)\n\nA local privilege escalation vulnerability exists in Check Point Identity Agent Full for Windows ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-10847/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-11T15:00:37.223018Z"}, {"uuid": "f4a24030-c1a9-4b28-b3fe-505425884530", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-10847", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/check-point-security-advisory-av26-590", "content": "", "creation_timestamp": "2026-06-11T11:32:02.000000Z"}, {"uuid": "6887d747-1479-4a72-a7e3-2ed4545b4e51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10847", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116736259920446518", "content": "Our CTI team identified a lot of activities targeting Check Point Identity Agent (CVE-2026-10847) https://vuldb.com/vuln/370390/cti", "creation_timestamp": "2026-06-12T08:46:06.480414Z"}, {"uuid": "9cad6e52-331a-455a-9fd0-2baa67148f9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10847", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mo3w6emqph23", "content": "CVE-2026-10847 - Privilege Escalation in Check Point Identity Agent. Local authenticated user can execute code with SYSTEM privileges. CVSS 7.8. No patch available. Restrict access immediately. #CVE #CheckPoint #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-10847/", "creation_timestamp": "2026-06-12T14:10:07.799139Z"}, {"uuid": "6bc01f40-e05d-46b0-8f39-217efd0c7529", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10846", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3monxamji7k2l", "content": "\ud83d\udee1\ufe0f CVE-2026-10846: biblioteca ldns do openSUSE permite envenenamento de cache DNS em aplica\u00e7\u00f5es stub resolver. Vers\u00f5es 1.2.0 a 1.9.0 afetadas.  Saiba mais: -&gt; tinyurl.com/2wacmj2d", "creation_timestamp": "2026-06-19T18:17:15.327682Z"}, {"uuid": "23693dae-21d1-49fe-ab13-6b403bb33ac2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10846", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3monxancou22l", "content": "\ud83d\udee1\ufe0f CVE-2026-10846: biblioteca ldns do openSUSE permite envenenamento de cache DNS em aplica\u00e7\u00f5es stub resolver. Vers\u00f5es 1.2.0 a 1.9.0 afetadas.  Saiba mais: -&gt; tinyurl.com/2wacmj2d", "creation_timestamp": "2026-06-19T18:17:16.176457Z"}]}