{"vulnerability": "CVE-2026-61876", "sightings": [{"uuid": "b4854d25-53b9-4c58-9c14-714771099ef4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61876", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqh6fkg4lk2e", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-61876 \u0432 LuCI: \u0440\u0438\u0441\u043a\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/AEF34173-ABD7-41C1-A44D-39C2BD0AD815", "creation_timestamp": "2026-07-12T12:26:59.221298Z"}, {"uuid": "a99c3f83-36bc-4f94-b201-803144bc5c1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61876", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqh7hqwuyt2t", "content": "CVE-2026-61876 - luci\nAn attacker on the same network can inject malicious code into LuCI's DHCP lease pages, potentially allowing them to take control of an administrator's browser. This vulnerability affects\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#luci #openwrt #CVE #infosec", "creation_timestamp": "2026-07-12T12:46:06.467960Z"}, {"uuid": "98be33ec-09c0-4a6f-9010-04a83b77f3b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61876", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqhabnqobz2k", "content": "\ud83d\udfe0 CVE-2026-61876 - High (8.8)\n\nLuCI versions fail to properly encode DHCPv6 lease hostnames before rendering in status tables, a...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-61876/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-12T13:00:35.941323Z"}, {"uuid": "8d25d237-0ff3-489a-b9b8-47dc1a03555e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61876", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqhawwrokk27", "content": "CVE-2026-61876 - LuCI DHCPv6 Lease Hostname Stored Cross-Site Scripting\nCVE ID : CVE-2026-61876\n \n Published : July 12, 2026, 12:16 p.m. | 16\u00a0minutes ago\n \n Description : LuCI versions fail to properly encode DHCPv6 lease hostnames before rendering in status tables, allowing a...", "creation_timestamp": "2026-07-12T13:12:29.728444Z"}, {"uuid": "d11300f6-18d7-442f-aed9-a2353209c517", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-61876", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116907247335811041", "content": "OpenWrt LuCI hit by CRITICAL XSS (CVE-2026-61876, CVSS 9.4): DHCPv6 hostnames not properly encoded, enabling adjacent attackers to inject scripts into admin browsers. Restrict interface access, monitor advisories. https://radar.offseq.com/threat/cve-2026-61876-improper-neutralization-of-input-du-90cbeb597700a4fd #OffSeq #OpenWrt #XSS #Infosec", "creation_timestamp": "2026-07-12T13:30:27.742420Z"}, {"uuid": "cda4d073-60c0-42a6-b711-b655d497ebc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-61876", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqhbx44fvl2j", "content": "CRITICAL XSS in OpenWrt LuCI (CVE-2026-61876): Attackers on your network can inject scripts via DHCPv6 hostnames, targeting admin browsers. Restrict access &amp; check advisories for patches. https://radar.offseq.com/threat/cve-2026-61876-improper-neutralization-of-input-du-90cbeb597700a4fd #OffSeq #...", "creation_timestamp": "2026-07-12T13:30:29.533687Z"}, {"uuid": "7cbe9be7-a0d6-451f-bd04-afeb50058387", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-61876", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mqhv5ijuan2b", "content": "OpenWrt's LuCI web panel has a stored XSS flaw (CVE-2026-61876, CVSS 8.8): a device on the network can hide a script in its DHCPv6 hostname that runs in the admin's browser.\n\nAffects OpenWrt routers serving untrusted devices.\n\nFix: update LuCI to the patched build.", "creation_timestamp": "2026-07-12T19:14:05.048595Z"}]}