{"vulnerability": "CVE-2026-5676", "sightings": [{"uuid": "8a9d627b-f6d5-4e34-bcd4-68de5c247e0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5676", "type": "published-proof-of-concept", "source": "Telegram/MEpsfFR7A3mQ2dGKH0pRdtzvADr6R8o0dal6eRm_pMO8wsk", "content": "", "creation_timestamp": "2026-04-06T21:20:35.000000Z"}, {"uuid": "4650687e-a8d1-4862-8ae7-b14c761853a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56761", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp23unyhat2i", "content": "CVE-2026-56761 - hono - HTML Injection via Improper JSX Attribute Name Handling in SSR\nCVE ID : CVE-2026-56761\n \n Published : June 24, 2026, 11:53 a.m. | 1\u00a0hour, 51\u00a0minutes ago\n \n Description : hono before 4.12.14 contains an html injection vulnerability in jsx server-side ren...", "creation_timestamp": "2026-06-24T14:11:56.527824Z"}, {"uuid": "225eb88c-ffa5-40c9-b71f-343fa60e23c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56769", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp5k4slih62z", "content": "CVE-2026-56769 - Huly Platform - Server-Side Request Forgery via /import Endpoint\nCVE ID : CVE-2026-56769\n \n Published : June 25, 2026, 6:05 p.m. | 3\u00a0hours, 5\u00a0minutes ago\n \n Description : Huly Platform before commit 68cbf8a contains an authenticated server-side request forgery...", "creation_timestamp": "2026-06-25T23:05:01.434525Z"}, {"uuid": "9491a291-17cb-42e4-b639-1b25b6e9c985", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56767", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp5kc6oyzd27", "content": "CVE-2026-56767 - Maxun\nCVE ID : CVE-2026-56767\n \n Published : June 25, 2026, 6:03 p.m. | 3\u00a0hours, 7\u00a0minutes ago\n \n Description : Maxun before 0.0.42 contains a cross-tenant insecure direct object reference vulnerability in storage and webhook API handlers that allows authentic...", "creation_timestamp": "2026-06-25T23:08:01.644372Z"}, {"uuid": "3b72349d-419e-4104-8ccd-ff0f9fccf6ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56766", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp5lrgeajq2a", "content": "CVE-2026-56766 - Hydra - Stack Buffer Overflow in NTLM Authentication Handler\nCVE ID : CVE-2026-56766\n \n Published : June 25, 2026, 6:01 p.m. | 3\u00a0hours, 10\u00a0minutes ago\n \n Description : Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authent...", "creation_timestamp": "2026-06-25T23:34:26.863909Z"}, {"uuid": "a6ff268e-a927-4512-a96b-cb8f3e758e4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56768", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp5m2eudfs2p", "content": "CVE-2026-56768 - Seahub\nCVE ID : CVE-2026-56768\n \n Published : June 25, 2026, 6:05 p.m. | 3\u00a0hours, 6\u00a0minutes ago\n \n Description : Seahub before 13.0.23 does not enforce SHARE_LINK_LOGIN_REQUIRED on GET /api/v2.1/share-link-zip-task/, allowing unauthenticated users to bypass au...", "creation_timestamp": "2026-06-25T23:39:27.379885Z"}]}