{"vulnerability": "CVE-2026-5545", "sightings": [{"uuid": "bda56bd6-72f5-4659-b995-a14b794dd1e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5545", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mkn4vufiap2k", "content": "\ud83d\udd17 CVE : CVE-2026-4873, CVE-2026-5545, CVE-2026-5773, CVE-2026-6253, CVE-2026-6276, CVE-2026-6429, CVE-2026-7009, CVE-2026-7168, CVE-2024-11053, CVE-2026-1965, CVE-2026-4873, CVE-2026-5545, CVE-2026-5773, CVE-2026-6253, CVE-2026-6276, CVE-2026-6429, CVE-2026-7009, CVE-2026-7168", "creation_timestamp": "2026-04-29T12:45:07.510321Z"}, {"uuid": "36529ce6-e072-42ee-8dc9-0648657ab605", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5545", "type": "seen", "source": "https://mastodon.social/users/bagder/statuses/116486743707813679", "content": "Out of the eight new #curl CVEs, four of them had existed in code for over twenty years when we published.\nCVE-2026-5545 clocks in at 22.75 years old\nCVE-2026-7168 at 21.91 years\nCVE-2026-6429 at 20.95 years\nCVE-2026-6253 at 20.66 years\nAnd yet CVE-2026-5545 only becomes the 5th oldest vulnerability ever found in curl so far.", "creation_timestamp": "2026-04-29T07:10:54.079712Z"}, {"uuid": "c5cc4e9f-4c67-494f-b804-947174a7296c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5545", "type": "seen", "source": "https://bsky.app/profile/bagder.mastodon.social.ap.brid.gy/post/3mkmkagqvtir2", "content": "Out of the eight new #curl CVEs, four of them had existed in code for over twenty years when we published.\n\nCVE-2026-5545 clocks in at 22.75 years old\n\nCVE-2026-7168 at 21.91 years\n\nCVE-2026-6429 at 20.95 years\n\nCVE-2026-6253 at 20.66 years\n\nAnd yet CVE-2026-5545 only becomes the 5th oldest [\u2026]", "creation_timestamp": "2026-04-29T07:11:04.352476Z"}, {"uuid": "cbf54fff-b400-4d4e-8829-fde6f8d40c89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5545", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mkmkshz6sl22", "content": "[ADVISORY] curl: CVE-2026-5545: wrong reuse of HTTP Negotiate connection", "creation_timestamp": "2026-04-29T07:21:06.419172Z"}, {"uuid": "bb065775-58cb-4821-b9f8-8d803a16c591", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5545", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mkokzbugzf2x", "content": "Top 3 CVE for last 7 days:\nCVE-2026-31431: 53 interactions\nCVE-2026-3854: 48 interactions\nCVE-2026-42208: 22 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-31431: 53 interactions\nCVE-2026-3854: 31 interactions\nCVE-2026-5545: 17 interactions\n", "creation_timestamp": "2026-04-30T02:30:14.676846Z"}, {"uuid": "62078ffa-baec-4b2f-aa7c-cf2e1fbe3395", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55450", "type": "published-proof-of-concept", "source": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-x223-p2gf-v735", "content": "", "creation_timestamp": "2026-06-17T03:40:00.000000Z"}, {"uuid": "c78645ba-3bbe-467b-8ea5-ea6c9d1eff7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55450", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3motoi5iyzb2k", "content": "Langflow\u306e\u30d5\u30a1\u30a4\u30eb\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9\u306e\u8106\u5f31\u6027\uff1a\u8a73\u7d30\u3068\u6982\u5ff5\u5b9f\u8a3c\uff08PoC\uff09\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u516c\u958b\uff08CVE-2026-55450\uff09 \n\nLangflow File Upload Flaw: Details and PoC Exploit Publicly Disclosed (CVE-2026-55450)  #DailyCyberSecurity (Jun 19)\n\nsecurityonline.info/langflow-fil...", "creation_timestamp": "2026-06-22T00:56:19.395337Z"}, {"uuid": "bf73fd9f-68f2-430b-aa2d-78c5ff9821c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55454", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mp34rdzebt2t", "content": "Appsmith &lt;2.1 has a CRITICAL vuln (CVE-2026-55454): low-priv users can exploit internal Caddy admin API via SSRF to control the reverse proxy. Upgrade to 2.1+ immediately. https://radar.offseq.com/threat/cve-2026-55454-cwe-749-exposed-dangerous-method-or-64dab1aa9059ef90 #OffSeq #appsmith #security", "creation_timestamp": "2026-06-25T00:00:40.120443Z"}, {"uuid": "69a932d7-60a6-4ea2-a3a7-bbc91219e372", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55454", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116807803619283441", "content": "CVE-2026-55454: CRITICAL (CVSS 9.9) vuln in appsmithorg Appsmith &lt;2.1. Unauth Caddy admin API inside container can be exploited via SSRF by low-priv users to control reverse proxy. Upgrade to 2.1+ ASAP. https://radar.offseq.com/threat/cve-2026-55454-cwe-749-exposed-dangerous-method-or-64dab1aa9059ef90 #OffSeq #infosec #CVE202655454 #appsmith", "creation_timestamp": "2026-06-25T00:01:01.442913Z"}, {"uuid": "efa6bc93-7739-4302-a76c-55f1fb1212aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55454", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp3eifnflm25", "content": "CVE-2026-55454 - Appsmith: Caddy admin API exposed without authentication\nCVE ID : CVE-2026-55454\n \n Published : June 24, 2026, 9:38 p.m. | 3\u00a0hours, 32\u00a0minutes ago\n \n Description : Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 2.1, the ...", "creation_timestamp": "2026-06-25T02:18:48.732591Z"}, {"uuid": "63e76495-d094-4c4a-8302-3ede18020f7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55454", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpai4moir62k", "content": "\ud83d\udccc CVE-2026-55454 - Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 2.1, the bundled Caddy reverse-proxy's admin API \u2014 which has no... https://www.cyberhub.blog/cves/CVE-2026-55454", "creation_timestamp": "2026-06-27T03:07:06.940696Z"}, {"uuid": "a934c7af-8966-43d6-bbf6-1cc8215c0c4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55450", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpc5r7yfms2y", "content": "\ud83d\udccc CVE-2026-55450 - Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, unauthenticated users can upload any amount of data to ... https://www.cyberhub.blog/cves/CVE-2026-55450", "creation_timestamp": "2026-06-27T19:07:07.340293Z"}]}