{"vulnerability": "cve-2026-1010", "sightings": [{"uuid": "7361aa82-aad7-4440-8892-3e32a7db89c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-1010", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mcis7pzh4e2u", "content": "", "creation_timestamp": "2026-01-16T00:01:36.659961Z"}, {"uuid": "a53bc8f6-43c8-42a4-bdde-b81777344a7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10108", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmzdp6japs2h", "content": "CVE-2026-10108 - xiaomusic 0.5.7 Path Traversal via GET /music endpoint\nCVE ID : CVE-2026-10108\n \n Published : May 29, 2026, 6:16 p.m. | 55\u00a0minutes ago\n \n Description : xiaomusic v0.5.7 contains an unauthenticated path traversal vulnerability in the GET /music/{file_path:path}...", "creation_timestamp": "2026-05-29T20:08:59.445774Z"}, {"uuid": "3a9269a1-c005-4f78-8814-10cef41ddaaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10105", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmzdsekh3l2s", "content": "CVE-2026-10105 - agno 2.6.5 SQL Injection via ClickHouse delete_by_metadata()\nCVE ID : CVE-2026-10105\n \n Published : May 29, 2026, 6:16 p.m. | 55\u00a0minutes ago\n \n Description : agno 2.6.5 contains a SQL injection vulnerability in the ClickHouse vector database backend that allow...", "creation_timestamp": "2026-05-29T20:10:46.486589Z"}, {"uuid": "b843f691-e987-4544-8501-22ce5db9d9ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10105", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mmzlfnbqri2v", "content": "agno 2.6.5\u3067ClickHouse\u30d0\u30c3\u30af\u30a8\u30f3\u30c9\u306bSQL\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u8106\u5f31\u6027\u3002\u653b\u6483\u8005\u306f\u30e1\u30bf\u30c7\u30fc\u30bf\u30ad\u30fc\u30fb\u5024\u306b\u60aa\u610f\u306e\u3042\u308b\u6587\u5b57\u5217\u3092\u6df7\u5165\u3055\u305b\u3001\u5168\u884c\u524a\u9664\u3001\u7279\u5b9a\u884c\u524a\u9664\u3001\u60c5\u5831\u62bd\u51fa\u304c\u53ef\u80fd\u3002\nCVE-2026-10105 CVSS 8.3 | HIGH", "creation_timestamp": "2026-05-29T22:26:49.484953Z"}, {"uuid": "4778310b-2fab-4e96-8ae8-fa63175fe28b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10107", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mmzlicfzir2o", "content": "MoviePilot v2\u306e\u753b\u50cf\u30d7\u30ed\u30ad\u30b7\u306bSSRF\u8106\u5f31\u6027\u3002\u8a8d\u8a3c\u6e08\u307f\u653b\u6483\u8005\u304c\u3001Cookie\u3068URL\u3067\u4efb\u610f\u306eURL\u3092\u8981\u6c42\u53ef\u80fd\u3002\u5185\u90e8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306e\u30b5\u30fc\u30d3\u30b9\u60c5\u5831\u6f0f\u6d29\u3084\u30c7\u30fc\u30bf\u7a83\u76d7\u306e\u53ef\u80fd\u6027\u304c\u3042\u308b\u3002\nCVE-2026-10107 CVSS 7.7 | HIGH", "creation_timestamp": "2026-05-29T22:28:33.308457Z"}, {"uuid": "67a71cd7-9ba2-4219-8a16-9456c9e5267d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10105", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mn3tqrfgri2m", "content": "\ud83d\udfe0 CVE-2026-10105 - High (8.3)\n\nagno 2.6.5 contains a SQL injection vulnerability in the ClickHouse vector database backend that ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-10105/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-30T20:01:32.729635Z"}, {"uuid": "3bf7e4e6-3d2a-4f57-8f2c-c6bf12aedfd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10107", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mn3tqyigao2p", "content": "\ud83d\udfe0 CVE-2026-10107 - High (7.7)\n\nMoviePilot v2 contains a server-side request forgery vulnerability in the image proxy endpoint th...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-10107/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-30T20:01:40.416831Z"}, {"uuid": "359c147e-2348-400f-a19a-5c03806ce71e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10108", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mn3x35uqub2h", "content": "\ud83d\udfe0 CVE-2026-10108 - High (7.5)\n\nxiaomusic v0.5.7 contains an unauthenticated path traversal vulnerability in the GET /music/{file...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-10108/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-30T21:01:03.306922Z"}, {"uuid": "af0872b4-5695-48f0-9be4-73a9fc9d962e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10100", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnbsehigoh22", "content": "CVE-2026-10100 - Simple Custom Login Page\nCVE ID : CVE-2026-10100\n \n Published : June 2, 2026, 3:16 a.m. | 1\u00a0hour, 16\u00a0minutes ago\n \n Description : The Simple Custom Login Page plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the color settings fields (Page...", "creation_timestamp": "2026-06-02T04:52:43.829637Z"}, {"uuid": "b5881b2e-89fd-40f7-b76c-eb4f856654a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10100", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3mnrleigsid2n", "content": "CVE-2026-10100 simple-custom-login-page (CVSS Score 4.4) #WordPress plugin #vulnerability #cybersecurity #wordpressfirewall #wordpresssecurity #hacking #wpsecurity #atomicedge", "creation_timestamp": "2026-06-08T11:30:06.872400Z"}, {"uuid": "730c9c34-6185-467c-8547-d95d7754d05b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10109", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mpjzniyuv52w", "content": "\u5bfe\u8c61\u88fd\u54c1\u540d\u3068\u30d0\u30fc\u30b8\u30e7\u30f3\uff1a\u8a18\u8f09\u306a\u3057 \u8106\u5f31\u6027\u306e\u5185\u5bb9\uff1aPDF\u30d5\u30a1\u30a4\u30eb\u51e6\u7406\u306b\u304a\u3051\u308b\u30d0\u30c3\u30d5\u30a1\u30aa\u30fc\u30d0\u30fc\u30d5\u30ed\u30fc\u306e\u53ef\u80fd\u6027 \u5f71\u97ff\u3092\u53d7\u3051\u308b\u5bfe\u8c61\uff1aPDF\u30d5\u30a1\u30a4\u30eb\u95b2\u89a7\u6a5f\u80fd \u653b\u6483\u8005\u304c\u53ef\u80fd\u306b\u306a\u308b\u884c\u70ba\uff1a\u30b5\u30fc\u30d3\u30b9\u904b\u7528\u59a8\u5bb3\u306e\u53ef\u80fd\u6027\u304c\u2026\nCVE-2026-10109 CVSS 9.8 | CRITICAL", "creation_timestamp": "2026-06-30T22:14:45.047445Z"}, {"uuid": "8958a224-f8ff-4e1d-88c4-7948963dadad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10109", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mpmyxdq5ub2v", "content": "A critical IBM Db2 RCE flaw (CVE-2026-10109) allows pre-auth code execution. IBM patched it plus two other Db2 bugs. Update 11.5 and 12.1 now.", "creation_timestamp": "2026-07-02T02:40:21.810567Z"}, {"uuid": "416cf794-c3c2-48eb-b7dc-0be43c59a140", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10104", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpp2oayxuz2c", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-10104 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 Product Video Gallery \u0434\u043b\u044f WooCommerce: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/EC326E63-EF69-46E0-AA9B-16FB76D13172", "creation_timestamp": "2026-07-02T22:16:22.218047Z"}]}