{"vulnerability": "CVE-2026-11414", "sightings": [{"uuid": "b5d1795c-6091-42bb-ada9-9603369a5e93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11414", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnkztxyif42t", "content": "CVE-2026-11414 - Unauthenticated File Exfiltration in Altium Enterprise Server Vault Service via Hard-coded Cryptographic Key and Path Traversal\nCVE ID : CVE-2026-11414\n \n Published : June 5, 2026, 8:17 p.m. | 15\u00a0minutes ago\n \n Description : A hard-coded cryptographic key is u...", "creation_timestamp": "2026-06-05T21:00:38.158838Z"}, {"uuid": "8b1db3b2-bb7d-4cd3-bdfb-e5c391ef9611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11414", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116702696330101939", "content": "\ud83d\udd12 CRITICAL: CVE-2026-11414 in Altium Enterprise Server \u2014 hard-coded keys + path traversal let unauth'd attackers access files & configs, risking full compromise. Restrict access, monitor for fixes. https://radar.offseq.com/threat/cve-2026-11414-cwe-798-use-of-hard-coded-credentia-ab72dad7 #OffSeq #Cybersecurity #CVE2026_11414", "creation_timestamp": "2026-06-06T10:30:27.202642Z"}, {"uuid": "25221057-6648-41d5-a176-8591aed71f29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11414", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnmh43cise2l", "content": "\ud83d\udea8 CRITICAL: Altium Enterprise Server flaw (CVE-2026-11414) allows unauth'd file theft via hard-coded keys & path traversal. Restrict access now & watch for patches. https://radar.offseq.com/threat/cve-2026-11414-cwe-798-use-of-hard-coded-credentia-ab72dad7 #OffSeq #Security #Vulnerability", "creation_timestamp": "2026-06-06T10:30:29.315991Z"}, {"uuid": "0b61a39e-1e3b-490a-b951-e5fb42923c6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11414", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motx5od2pd2v", "content": "\ud83d\udea8  ALERT: CVE-2026-11414\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nA hard-coded cryptographic key is used by Altium Enterprise Server to sign file download URLs in the Vault service. Because the key is identical across all installations, an unauthenticated network attacker who can reach the server can forge valid", "creation_timestamp": "2026-06-22T03:31:31.686634Z"}]}