{"vulnerability": "CVE-2026-4280", "sightings": [{"uuid": "ba033ba2-6057-490c-ad8d-3d9046735c75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4280", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3mkdoigax452s", "content": "", "creation_timestamp": "2026-04-25T18:33:06.521240Z"}, {"uuid": "f2fd7cba-65f4-4bdb-a8ea-3fac08b207b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42800", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mkpo3jrln42p", "content": "CVE-2026-42800 - Deference after null check in ims_client sip\nCVE ID : CVE-2026-42800\n \n Published : April 30, 2026, 10:16 a.m. | 2\u00a0hours, 2\u00a0minutes ago\n \n Description : NULL pointer dereference vulnerability in ASR1903 in ASR Lapwing_Linux on Linux (ims_client modules) allows...", "creation_timestamp": "2026-04-30T12:57:50.563080Z"}, {"uuid": "85cc1e9b-1400-4190-87f3-ab9a62de0368", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42809", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3ml2av2pacn2r", "content": "\ud83d\udd34 CVE-2026-42809 - Critical (9.9)\n\nApache Polaris can issue broad temporary (\"vended\") storage credentials during\nstaged\ntable creat...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42809/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-04T18:00:52.672180Z"}, {"uuid": "445e356f-adde-4249-8833-a0b4fe112cb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42809", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml2ekgftrk2p", "content": "CVE-2026-42809 - Apache Polaris: staged table creation could vend storage credentials for unvalidated locations\nCVE ID : CVE-2026-42809\n \n Published : May 4, 2026, 5:16 p.m. | 1\u00a0hour, 4\u00a0minutes ago\n \n Description : Apache Polaris can issue broad temporary (\"vended\") storage cr...", "creation_timestamp": "2026-05-04T19:06:30.160199Z"}, {"uuid": "badc95af-0891-44ab-be7d-10d339b23bc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42809", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mlnxkhgnyu2f", "content": "\ud83d\udccc CVE-2026-42809 - Apache Polaris can issue broad temporary (\"vended\") storage credentials during\nstaged\ntable creation before the effective table location has been vali... https://www.cyberhub.blog/cves/CVE-2026-42809", "creation_timestamp": "2026-05-12T14:07:07.444635Z"}]}