{"vulnerability": "CVE-2026-59948", "sightings": [{"uuid": "363659aa-9449-4100-bb61-27107dd244c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59948", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mqmcwqc74x2m", "content": "PHP Composer patched three flaws, including CVE-2026-59948, an arbitrary file write that can run code outside your project. Update to 2.10.2 or 2.2.29.\n\n#PHPComposer #Composer #ArbitraryFileWrite #SupplyChain #CVE #PHP #DevSecOps #InfoSec", "creation_timestamp": "2026-07-14T13:31:29.749020Z"}, {"uuid": "c7d5cfaa-2b53-4b0b-86d6-3c8ada13bf30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59948", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mqofbaoful27", "content": "CVE-2026-59948: PHP Composer\u306e\u8106\u5f31\u6027\u306b\u3088\u308a\u3001\u30d1\u30c3\u30b1\u30fc\u30b8\u304c\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u30b3\u30f3\u30c6\u30ad\u30b9\u30c8\u5916\u3067\u30b3\u30fc\u30c9\u3092\u5b9f\u884c\u3067\u304d\u308b \n\nCVE-2026-59948: PHP Composer Flaw Lets Packages Execute Code Outside the Project Context  #DailyCyberSecurity (Jul 14)\n\nsecurityonline.info/php-composer...", "creation_timestamp": "2026-07-15T09:18:28.821063Z"}]}