{"vulnerability": "CVE-2026-44914", "sightings": [{"uuid": "d201d66e-df75-4059-a5fb-9163c340858b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44914", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3moujjvtdeq2m", "content": "Apache NiFi 1.12.0 \u2013 2.9.0: HIGH severity flaw lets users with write access add restricted components. Upgrade to 2.9.0 or enforce extra controls. CVE-2026-44914. https://radar.offseq.com/threat/cve-2026-44914-cwe-862-missing-authorization-in-ap-41e3d5d03a56632c #OffSeq #Cybersecurity #NiFi", "creation_timestamp": "2026-06-22T09:00:29.965510Z"}, {"uuid": "585a9874-8acc-4006-ba97-a0d31deae0a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44914", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3moqfnp5qnq2s", "content": "CVE-2026-44914: Apache NiFi: Missing Authorization of Restricted Permissions when Replacing Flow Contents", "creation_timestamp": "2026-06-20T17:40:22.920729Z"}, {"uuid": "7ecbc043-6df4-4f7b-bfba-ddd134240034", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44914", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116792939472856881", "content": "CVE-2026-44914: HIGH severity in Apache NiFi (1.12.0 \u2013 2.9.0). Missing authorization lets users with write access add restricted components. Upgrade to 2.9.0 or enforce specific controls. https://radar.offseq.com/threat/cve-2026-44914-cwe-862-missing-authorization-in-ap-41e3d5d03a56632c #OffSeq #NiFi #Vuln #Infosec", "creation_timestamp": "2026-06-22T09:00:38.439396Z"}, {"uuid": "8c1b951d-b913-4005-bd0e-a65cb0d3a94c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44914", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moutcafs422s", "content": "CVE-2026-44914 - Apache NiFi: Missing Authorization of Restricted Permissions when Replacing Flow Contents\nCVE ID : CVE-2026-44914\n \n Published : June 22, 2026, 7:38 a.m. | 4\u00a0hours, 5\u00a0minutes ago\n \n Description : Apache NiFi 1.12.0 through 2.9.0 are missing authorization when ...", "creation_timestamp": "2026-06-22T11:55:09.440421Z"}, {"uuid": "b964c619-3adb-4d24-bbd0-67abde11f22f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44914", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3moum3dbxrd2y", "content": "Apache NiFi 2.10.0 (June 20) fixes CVE-2026-44914, where a user with general write access could add components requiring Restricted permissions, bypassing authorization. It affects 1.12.0 to 2.9.0. How do you gate Restricted components in NiFi?\n#security", "creation_timestamp": "2026-06-22T09:46:01.994703Z"}]}