{"vulnerability": "CVE-2026-40412", "sightings": [{"uuid": "5d01fc3c-3021-4e83-9084-704d9e8710f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-40412", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116624956555372744", "content": "\u26a0\ufe0f CRITICAL: CVE-2026-40412 in Azure Orbital Spatio lets attackers upload dangerous files and execute code remotely. Cloud users should ensure Microsoft\u2019s official fix is applied. Full details: https://radar.offseq.com/threat/cve-2026-40412-cwe-434-unrestricted-upload-of-file-473eb82a #OffSeq #Azure #Vuln #CloudSecurity", "creation_timestamp": "2026-05-23T17:00:12.881868Z"}, {"uuid": "c294fc82-230f-4d64-8617-1f46ab0b7dd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40412", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mmu5n3fhnp2p", "content": "\ud83d\udccc CVE-2026-40412 - Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized attacker to execute code over a network. https://www.cyberhub.blog/cves/CVE-2026-40412", "creation_timestamp": "2026-05-27T18:37:07.969252Z"}, {"uuid": "0022da20-10fd-46f5-981a-0be7d5c89a38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-40412", "type": "seen", "source": "https://bsky.app/profile/cyberowi.pl/post/3mn57byqwvb27", "content": "\ud83d\udea8 Krytyczna luka RCE w Azure Orbital Spatio (CVE-2026-40412)\n\nMicrosoft za\u0142ata\u0142 krytyczn\u0105 luk\u0119 RCE w us\u0142udze Azure Orbital Spatio, ocenion\u0105 na 10.0 w skali CVSS. Atak nie wymaga\u0142 uwierzytelnienia\n\nhttps://cyberowi.pl/krytyczna-luka-rce-w-azure-orbital-spatio-cve-2026-40412/\n\n#cyberbezpieczenstwo", "creation_timestamp": "2026-05-31T09:00:42.894473Z"}, {"uuid": "7642ac26-9b18-4b56-b6aa-806b40b301d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40412", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3moj7mlvpli25", "content": "\ud83d\udea8 HIGH: CVE-2026-40412\n\nCVSS 10.0/10\n\n\ud83d\udccb WHAT IT IS:\nUnrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized attacker to execute code over a network.\n\n\ud83c\udfaf WHO'S AFFECTED:\n  \u2022 Azure Orbital Spatio\n\n\u2694\ufe0f HOW IT'S EXPLOITED:\nAttack: unknown vector\nImpact: varies\n\n\u2705 WHA", "creation_timestamp": "2026-06-17T21:03:45.084284Z"}]}