{"vulnerability": "CVE-2026-4769", "sightings": [{"uuid": "c7342ca1-5c01-48ff-9ca3-dd9d84ca8eb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47694", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmyz7ktvwb27", "content": "CVE-2026-47694 - WWBN AVideo: Stored XSS via unescaped Gallery category description\nCVE ID : CVE-2026-47694\n \n Published : May 29, 2026, 2:16 p.m. | 1\u00a0hour, 55\u00a0minutes ago\n \n Description : WWBN AVideo is an open source video platform. In 29.0 and earlier, AVideo stores categor...", "creation_timestamp": "2026-05-29T17:01:17.839013Z"}, {"uuid": "2764ea58-f7f9-4954-a57a-a9fc6a629c4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47696", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmz35lsz4e23", "content": "CVE-2026-47696 - WWBN AVideo: Authenticated wallet credit bypass in AuthorizeNet processPayment endpoint\nCVE ID : CVE-2026-47696\n \n Published : May 29, 2026, 2:16 p.m. | 1\u00a0hour, 55\u00a0minutes ago\n \n Description : WWBN AVideo is an open source video platform. In 29.0 and earlier, ...", "creation_timestamp": "2026-05-29T17:35:59.518044Z"}, {"uuid": "f65fbbba-9cb5-4541-8be5-7e00289fe42c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-47695", "type": "published-proof-of-concept", "source": "https://github.com/cc-tweaked/CC-Tweaked/security/advisories/GHSA-5jh9-2h63-pw4q", "content": "", "creation_timestamp": "2026-05-18T22:28:24.000000Z"}, {"uuid": "a4b181c7-1aee-421d-8a84-ebc1516b0bb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47696", "type": "seen", "source": "https://gist.github.com/alon710/8d83dcf8c5f6eaceac335292cf54a077", "content": "# CVE-2026-47696: CVE-2026-47696: Authenticated Wallet Credit Bypass in WWBN AVideo AuthorizeNet Plugin\n\n&gt; **CVSS Score:** 7.1\n&gt; **Published:** 2026-06-04\n&gt; **Full Report:** https://cvereports.com/reports/CVE-2026-47696\n\n## Summary\nAn authenticated wallet credit bypass vulnerability exists in WWBN AVideo version 29.0 and earlier. The AuthorizeNet plugin includes an unfinished mockup endpoint, processPayment.json.php, which lacks actual transaction verification and hardcodes success. This allows any authenticated user to credit their wallet with arbitrary balances without making any payments.\n\n## TL;DR\nAuthenticated users can inject arbitrary virtual funds into their wallets due to a hardcoded payment success flag and missing API validation in a placeholder endpoint.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-345\n- **Attack Vector**: Network\n- **CVSS v4.0**: 7.1\n- **CVSS v3.1**: 4.3\n- **Exploit Status**: PoC\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- WWBN AVideo version 29.0 and earlier with AuthorizeNet and YPTWallet plugins enabled\n- **AVideo**: &lt;= 29.0 (Fixed in: `Commit 8224024`)\n\n## Mitigation\n\n- Upgrade WWBN AVideo to a patched version\n- Manually delete the processPayment.json.php file\n- Disable the AuthorizeNet plugin if not in use\n\n**Remediation Steps:**\n1. Locate the file at plugin/AuthorizeNet/processPayment.json.php\n2. Verify the file contents match the vulnerable placeholder logic\n3. Delete the file from the filesystem\n4. Restart the web server or clear application cache if necessary\n\n## References\n\n- [GitHub Security Advisory GHSA-9392-pj54-qqf8](https://github.com/WWBN/AVideo/security/advisories/GHSA-9392-pj54-qqf8)\n- [Patch Commit deleting processPayment.json.php](https://github.com/WWBN/AVideo/commit/822402444b4db4e9442779c8c789ffe5312b3627)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-47696) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-04T19:40:55.000000Z"}, {"uuid": "a01ddf88-c4d5-486a-aac8-69429bbebe7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47696", "type": "seen", "source": "https://gist.github.com/alon710/94ad07ac90371ecb50e3be0d7c9cdb9e", "content": "# CVE-2026-47696: CVE-2026-47696: Authenticated Wallet Credit Bypass in WWBN AVideo AuthorizeNet Plugin\n\n&gt; **CVSS Score:** 7.1\n&gt; **Published:** 2026-06-04\n&gt; **Full Report:** https://cvereports.com/reports/CVE-2026-47696\n\n## Summary\nAn authenticated wallet credit bypass vulnerability exists in WWBN AVideo version 29.0 and earlier. The AuthorizeNet plugin includes an unfinished mockup endpoint, processPayment.json.php, which lacks actual transaction verification and hardcodes success. This allows any authenticated user to credit their wallet with arbitrary balances without making any payments.\n\n## TL;DR\nAuthenticated users can inject arbitrary virtual funds into their wallets due to a hardcoded payment success flag and missing API validation in a placeholder endpoint.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-345\n- **Attack Vector**: Network\n- **CVSS v4.0**: 7.1\n- **CVSS v3.1**: 4.3\n- **Exploit Status**: PoC\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- WWBN AVideo version 29.0 and earlier with AuthorizeNet and YPTWallet plugins enabled\n- **AVideo**: &lt;= 29.0 (Fixed in: `Commit 8224024`)\n\n## Mitigation\n\n- Upgrade WWBN AVideo to a patched version\n- Manually delete the processPayment.json.php file\n- Disable the AuthorizeNet plugin if not in use\n\n**Remediation Steps:**\n1. Locate the file at plugin/AuthorizeNet/processPayment.json.php\n2. Verify the file contents match the vulnerable placeholder logic\n3. Delete the file from the filesystem\n4. Restart the web server or clear application cache if necessary\n\n## References\n\n- [GitHub Security Advisory GHSA-9392-pj54-qqf8](https://github.com/WWBN/AVideo/security/advisories/GHSA-9392-pj54-qqf8)\n- [Patch Commit deleting processPayment.json.php](https://github.com/WWBN/AVideo/commit/822402444b4db4e9442779c8c789ffe5312b3627)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-47696) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-04T19:50:59.000000Z"}, {"uuid": "139f6149-0476-49d4-aac7-9ba5abf8f944", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-47694", "type": "published-proof-of-concept", "source": "https://github.com/WWBN/AVideo/security/advisories/GHSA-c8h8-vq34-9fw2", "content": "", "creation_timestamp": "2026-05-19T14:46:04.000000Z"}, {"uuid": "44d08af3-49f5-4af1-b830-e22a855c0e9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-47696", "type": "published-proof-of-concept", "source": "https://github.com/WWBN/AVideo/security/advisories/GHSA-9392-pj54-qqf8", "content": "", "creation_timestamp": "2026-05-19T15:01:00.000000Z"}, {"uuid": "01bad604-2e12-4517-954e-7e12c5711205", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-47693", "type": "published-proof-of-concept", "source": "https://github.com/advisories/GHSA-3h6h-67x3-cv5x", "content": "", "creation_timestamp": "2026-06-08T23:04:25.000000Z"}, {"uuid": "c1a4b612-a06e-4ca5-b5b9-fcbe46cce25b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47691", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mo4bgqtjp42j", "content": "CVE-2026-47691 - Netty has Insufficient Bailiwick Validation for NS Records\nCVE ID : CVE-2026-47691\n \n Published : June 12, 2026, 4:16 p.m. | 51\u00a0minutes ago\n \n Description : Netty is a network application framework for development of protocol servers and clients. Prior to vers...", "creation_timestamp": "2026-06-12T17:31:40.133673Z"}, {"uuid": "f2d5e906-e716-4df0-a230-b40ca1316816", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47691", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moa3qqf4dd26", "content": "\ud83d\udfe0 CVE-2026-47691 - High (8.7)\n\nNetty is a network application framework for development of protocol servers and clients. Prior t...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-47691/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-14T06:02:38.329188Z"}, {"uuid": "65e49cb4-862a-4290-a7a3-ead9903be7f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47691", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3moccjm3qzg2i", "content": "\ud83d\udccc CVE-2026-47691 - Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's `D... https://www.cyberhub.blog/cves/CVE-2026-47691", "creation_timestamp": "2026-06-15T03:07:08.033556Z"}, {"uuid": "a4ef133b-1a8b-4877-aea7-027eeee35934", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47691", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3modpjvgdrq22", "content": "\ud83d\udea8 HIGH: CVE-2026-47691\n\nCVSS 8.7/10\n\n\ud83d\udccb WHAT IT IS:\nNetty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's `DnsResolveContext` insufficiently validates the bailiwick of NS records, enabling DNS Cache Poisonin", "creation_timestamp": "2026-06-15T16:32:35.812586Z"}, {"uuid": "55b3ad9b-3c83-44b5-ae80-eb3d5a2ae3eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47691", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motmm7mcgv2b", "content": "\ud83d\udea8  ALERT: CVE-2026-47691\n\nCVSS 8.7/10\n\n\ud83d\udccb WHAT IT IS:\nNetty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's `DnsResolveContext` insufficiently validates the bailiwick of NS records, enabling DNS Cache Poison", "creation_timestamp": "2026-06-22T00:22:48.271731Z"}, {"uuid": "56cd9900-69e5-48f1-90ff-a7bee3a675fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47693", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moylvgrwcv26", "content": "CVE-2026-47693 - Poweradmin: CSV Injection in log export endpoints allows formula execution in spreadsheet applications\nCVE ID : CVE-2026-47693\n \n Published : June 23, 2026, 10:07 p.m. | 1\u00a0hour, 36\u00a0minutes ago\n \n Description : Poweradmin is a web-based DNS administration tool ...", "creation_timestamp": "2026-06-23T23:53:22.907171Z"}, {"uuid": "4df31260-ad54-40a9-9e56-9fb0e42bdc32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47691", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqckarmtam2z", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-47691 \u0432 Netty: \u0443\u0433\u0440\u043e\u0437\u044b, \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/B582FC38-17A2-4488-A200-50DD22169788", "creation_timestamp": "2026-07-10T16:15:44.713345Z"}, {"uuid": "cd489a8e-b1bf-4f60-a441-fabd633c3214", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4769", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/116911458109125585", "content": "#OT #Advisory VDE-2026-031WAGO: Early-Boot Diagnostic Exposure in WAGO System I/O Field Devices\nCertain devices in the WAGO System I/O Field series enable an internal diagnostic capability during the initial stages of system startup. This behavior, which is not part of the publicly documented feature set, briefly allows access to system functions before the main operating environment becomes fully active. Under specific conditions, this could permit interactions with system components that are normally protected during regular operation.#CVE CVE-2026-4769\nhttps://certvde.com/en/advisories/vde-2026-031/\n#CSAF https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-031.json", "creation_timestamp": "2026-07-13T07:21:18.817698Z"}, {"uuid": "f6a30275-5834-4d54-8405-992d68353348", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4769", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mqj7nsuneh2l", "content": "CVE-2026-4769 exposes WAGO System I/O field devices. An early-boot flaw lets an unauthenticated attacker reach full system compromise.\n#WAGO #CVE20264769 #ICS #OTSecurity #Firmware", "creation_timestamp": "2026-07-13T07:54:49.692305Z"}, {"uuid": "7cc893dc-ad37-417c-9912-ea1cd40c5970", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4769", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjbmvfwld2x", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-4769 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 WAGO System I/O Field: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/EE685329-225C-40E1-9380-2C16BAB2E3C8", "creation_timestamp": "2026-07-13T08:30:05.774274Z"}, {"uuid": "a8d40e93-45b7-4edb-a3d7-ef1bfecd730f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4769", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqjdqsvy422q", "content": "CVE-2026-4769\nWAGO System I/O Field devices have a hidden diagnostic mode that becomes accessible for a short time during startup. This allows an attacker to access the device's internal processes without a password,\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-13T09:08:05.262963Z"}, {"uuid": "48553d6a-e8d7-4430-b006-3877481f16e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4769", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqjgvs2k2e2g", "content": "CVE-2026-4769 - Unauthenticated Access to Internal Diagnostic Interface\nCVE ID : CVE-2026-4769\n \n Published : July 13, 2026, 8:16 a.m. | 1\u00a0hour, 13\u00a0minutes ago\n \n Description : Certain devices in the WAGO System I/O Field series activate an internal diagnostic capability durin...", "creation_timestamp": "2026-07-13T10:04:33.200420Z"}]}