{"vulnerability": "CVE-2026-4647", "sightings": [{"uuid": "4276232b-65af-4e06-83df-7aee63e6748f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46473", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mmf75oycuh2u", "content": "CVE-2026-46473: Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand", "creation_timestamp": "2026-05-21T19:56:35.044256Z"}, {"uuid": "1f690366-5e8a-4809-b329-8f834b568004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4647", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mhqgttid7e24", "content": "", "creation_timestamp": "2026-03-23T16:05:21.024265Z"}, {"uuid": "7395a1ae-d0ed-4eff-9468-0ae15e96438d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46473", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmfcut5yt22c", "content": "\ud83d\udfe0 CVE-2026-46473 - High (7.5)\n\nAuthen::TOTP versions before 0.1.1 for Perl generate secrets using rand.\n\nSecrets were generated ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-46473/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-21T21:01:00.961731Z"}, {"uuid": "122a8f46-292a-4903-8924-9b9bb2421d59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46473", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mmfmw35dbs2g", "content": "Authen::TOTP (<0.1.1) suffers HIGH severity vuln: weak random secret generation can undermine TOTP security. Upgrade to v0.1.1+ ASAP when available. More: https://radar.offseq.com/threat/cve-2026-46473-cwe-331-insufficient-entropy-in-tch-3d3628d8 #OffSeq #Vuln #MFA", "creation_timestamp": "2026-05-22T00:00:39.983080Z"}, {"uuid": "1c336086-100c-4aab-8dfe-ff02e950c052", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-46477", "type": "published-proof-of-concept", "source": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-5h9v-837x-m97r", "content": "", "creation_timestamp": "2026-05-14T14:18:06.000000Z"}, {"uuid": "a3ee42be-0f8f-4c1c-ac95-ac45a9798cc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-46478", "type": "published-proof-of-concept", "source": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-7j65-65cr-6644", "content": "", "creation_timestamp": "2026-05-14T14:17:49.000000Z"}, {"uuid": "e9d693e8-351d-409c-b728-d1d5538b411c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-46479", "type": "published-proof-of-concept", "source": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-mq53-pc65-wjc4", "content": "", "creation_timestamp": "2026-05-14T14:18:18.000000Z"}, {"uuid": "d63c4d65-bc66-4d25-8ea2-020d321db168", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-46476", "type": "published-proof-of-concept", "source": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-728h-4mwj-f2p4", "content": "", "creation_timestamp": "2026-05-14T14:17:36.000000Z"}, {"uuid": "75953ab4-c768-4c05-9fba-3098a7425b91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46475", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mns5nlzx5j2o", "content": "CVE-2026-46475 - Flowise: Assistant create+update mass-assignment allows cross-workspace assistant takeover\nCVE ID : CVE-2026-46475\n \n Published : June 8, 2026, 4:16 p.m. | 17\u00a0minutes ago\n \n Description : Flowise is a drag & drop user interface to build a customized large ...", "creation_timestamp": "2026-06-08T16:57:17.582247Z"}, {"uuid": "a17287fa-d208-4715-b6a0-f77edca62c0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46478", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mns5rqk6nl2o", "content": "CVE-2026-46478 - Flowise: DatasetRow create+update mass-assignment allows cross-workspace row takeover\nCVE ID : CVE-2026-46478\n \n Published : June 8, 2026, 4:16 p.m. | 17\u00a0minutes ago\n \n Description : Flowise is a drag & drop user interface to build a customized large langu...", "creation_timestamp": "2026-06-08T16:59:41.519154Z"}, {"uuid": "33a83d41-8246-46c7-ac08-f9114cdd6b55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46476", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mns6gihbi32r", "content": "CVE-2026-46476 - Flowise: CustomTemplate create+update mass-assignment allows cross-workspace template takeover\nCVE ID : CVE-2026-46476\n \n Published : June 8, 2026, 4:16 p.m. | 17\u00a0minutes ago\n \n Description : Flowise is a drag & drop user interface to build a customized la...", "creation_timestamp": "2026-06-08T17:11:12.683489Z"}, {"uuid": "a45e3338-e904-4719-86a1-0cc42bf52388", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46479", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mns6n7iq7p2r", "content": "CVE-2026-46479 - Flowise: Evaluation create+update mass-assignment allows cross-workspace evaluation takeover\nCVE ID : CVE-2026-46479\n \n Published : June 8, 2026, 4:16 p.m. | 17\u00a0minutes ago\n \n Description : Flowise is a drag & drop user interface to build a customized larg...", "creation_timestamp": "2026-06-08T17:14:58.113170Z"}, {"uuid": "fe3ed7a7-3d3f-4a57-bf09-3c6d2f355aeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46477", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mns75tvowx2z", "content": "CVE-2026-46477 - Flowise: Dataset create+update mass-assignment allows cross-workspace dataset takeover\nCVE ID : CVE-2026-46477\n \n Published : June 8, 2026, 4:16 p.m. | 17\u00a0minutes ago\n \n Description : Flowise is a drag & drop user interface to build a customized large lang...", "creation_timestamp": "2026-06-08T17:24:21.027937Z"}, {"uuid": "cc2cbca9-2626-44d6-8590-84866daf24dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-46475", "type": "published-proof-of-concept", "source": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-78pr-c5x5-jggc", "content": "", "creation_timestamp": "2026-05-14T14:17:23.000000Z"}]}