{"vulnerability": "cve-2026-1141", "sightings": [{"uuid": "eb2450d2-c6e5-4231-bf14-379a6162d786", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-1141", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mcr5fp7hk22r", "content": "", "creation_timestamp": "2026-01-19T07:43:06.118209Z"}, {"uuid": "ce32d2f7-780d-4c51-9003-cc74ec54e411", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11419", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnkzcm7lbt24", "content": "CVE-2026-11419 - Path Traversal in Altium Enterprise Server Vault UploadController Allows Arbitrary File Write\nCVE ID : CVE-2026-11419\n \n Published : June 5, 2026, 8:17 p.m. | 15\u00a0minutes ago\n \n Description : A path traversal vulnerability exists in the Altium Enterprise Server...", "creation_timestamp": "2026-06-05T20:50:55.492639Z"}, {"uuid": "b5d1795c-6091-42bb-ada9-9603369a5e93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11414", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnkztxyif42t", "content": "CVE-2026-11414 - Unauthenticated File Exfiltration in Altium Enterprise Server Vault Service via Hard-coded Cryptographic Key and Path Traversal\nCVE ID : CVE-2026-11414\n \n Published : June 5, 2026, 8:17 p.m. | 15\u00a0minutes ago\n \n Description : A hard-coded cryptographic key is u...", "creation_timestamp": "2026-06-05T21:00:38.158838Z"}, {"uuid": "d8e1f043-0589-4750-9d72-0b42c76f5416", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11416", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnlajcy3g72l", "content": "\ud83d\udfe0 CVE-2026-11416 - High (8.1)\n\nMoviePilot contains a path traversal vulnerability in the AliPan, U115, and Rclone cloud storage ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-11416/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-05T22:59:57.797749Z"}, {"uuid": "00efb6c7-a7c3-4ca3-a62c-069309692edc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11419", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnlsyefnvw23", "content": "\ud83d\udea8 CRITICAL vulnerability in Altium Enterprise Server: Authenticated path traversal enables file uploads anywhere on the server \u2014 RCE risk! Cloud not affected. Patch status unknown; check advisories. https://radar.offseq.com/threat/cve-2026-11419-cwe-22-improper-limitation-of-a-pat-2a74f312 #OffSe...", "creation_timestamp": "2026-06-06T04:30:29.776088Z"}, {"uuid": "805bb60e-d17c-4ed4-aa55-cd60608ff725", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11419", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116701280781825579", "content": "\ud83d\udea8 CRITICAL: CVE-2026-11419 in Altium Enterprise Server allows authenticated path traversal, enabling file writes anywhere on the server \u2014 RCE possible! Not affecting Altium 365 cloud. Monitor advisories for patches. https://radar.offseq.com/threat/cve-2026-11419-cwe-22-improper-limitation-of-a-pat-2a74f312 #OffSeq #Vuln #Altium", "creation_timestamp": "2026-06-06T04:30:42.640129Z"}, {"uuid": "7b89c416-a00b-449c-ba5b-7746969bad3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11416", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3mnlajecvof2j", "content": "\ud83d\udfe0 CVE-2026-11416 - High (8.1)\n\nMoviePilot contains a path traversal vulnerability in the AliPan, U115, and Rclone clown storage ...\n\nhttps://www.themasherwire.com/vulnerability/CVE-2026-11416/\n\n#infosec #potatosecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-05T22:59:58.434706Z"}, {"uuid": "1e0285cb-371e-4c4b-8f72-0faebb0916c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11416", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnlcagfxah2g", "content": "CVE-2026-11416 - MoviePilot Path Traversal via Cloud Storage Download Handlers\nCVE ID : CVE-2026-11416\n \n Published : June 5, 2026, 10:16 p.m. | 57\u00a0minutes ago\n \n Description : MoviePilot contains a path traversal vulnerability in the AliPan, U115, and Rclone cloud storage dow...", "creation_timestamp": "2026-06-05T23:30:45.914792Z"}, {"uuid": "85d02fd1-bcc7-46c6-84eb-09b3dfa0b2d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11416", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mnlmftgkxj2b", "content": "MoviePilot\u306eAliPan\u7b49\u3067\u3001\u30d5\u30a1\u30a4\u30eb\u540d\u306b ../ \u3092\u542b\u3081\u308b\u3068\u3001\u8a2d\u5b9a\u5916\u306e\u4efb\u610f\u30d5\u30a1\u30a4\u30eb\u4e0a\u66f8\u304d\u306e\u6050\u308c\u304c\u3042\u308b\u3002\nCVE-2026-11416 CVSS 8.1 | HIGH", "creation_timestamp": "2026-06-06T02:32:44.793766Z"}, {"uuid": "d40e0c30-7662-4880-8253-00782cbeede0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11413", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116701664812182971", "content": "We have just added an important vulnerability affecting JingDong JD Cloud Box AX6600 (CVE-2026-11413) https://vuldb.com/vuln/368970", "creation_timestamp": "2026-06-06T06:08:07.166329Z"}, {"uuid": "8b1db3b2-bb7d-4cd3-bdfb-e5c391ef9611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11414", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116702696330101939", "content": "\ud83d\udd12 CRITICAL: CVE-2026-11414 in Altium Enterprise Server \u2014 hard-coded keys + path traversal let unauth'd attackers access files & configs, risking full compromise. Restrict access, monitor for fixes. https://radar.offseq.com/threat/cve-2026-11414-cwe-798-use-of-hard-coded-credentia-ab72dad7 #OffSeq #Cybersecurity #CVE2026_11414", "creation_timestamp": "2026-06-06T10:30:27.202642Z"}, {"uuid": "25221057-6648-41d5-a176-8591aed71f29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11414", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnmh43cise2l", "content": "\ud83d\udea8 CRITICAL: Altium Enterprise Server flaw (CVE-2026-11414) allows unauth'd file theft via hard-coded keys & path traversal. Restrict access now & watch for patches. https://radar.offseq.com/threat/cve-2026-11414-cwe-798-use-of-hard-coded-credentia-ab72dad7 #OffSeq #Security #Vulnerability", "creation_timestamp": "2026-06-06T10:30:29.315991Z"}, {"uuid": "9eb4f7b5-86a7-464f-976c-2624efc0d621", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11412", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnmow7vypb2d", "content": "CVE-2026-11412 - Jinher OA GetFormSn.aspx sql injection\nCVE ID : CVE-2026-11412\n \n Published : June 6, 2026, 11:16 a.m. | 1\u00a0hour, 16\u00a0minutes ago\n \n Description : A weakness has been identified in Jinher OA C6. The affected element is an unknown function of the file /C6/JHSoft....", "creation_timestamp": "2026-06-06T12:50:21.872476Z"}, {"uuid": "382a4bc4-a5a9-4d77-a3a8-a77b65ef9673", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11411", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnmpi4r52i23", "content": "CVE-2026-11411 - iAI Lab PDF AI App chatpdf.pro getExternalCacheDir path traversal\nCVE ID : CVE-2026-11411\n \n Published : June 6, 2026, 11:16 a.m. | 1\u00a0hour, 16\u00a0minutes ago\n \n Description : A security flaw has been discovered in iAI Lab PDF AI App 4.21.0 on Android. Impacted is...", "creation_timestamp": "2026-06-06T13:00:22.525501Z"}, {"uuid": "4f3eca7b-3538-4b99-b930-e337ac45069d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11413", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnmxcogcry2s", "content": "CVE-2026-11413 - JingDong JD Cloud Box AX6600 jdcweb_rpc set_macfilter stack-based overflow\nCVE ID : CVE-2026-11413\n \n Published : June 6, 2026, 2:16 p.m. | 58\u00a0minutes ago\n \n Description : A security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. ...", "creation_timestamp": "2026-06-06T15:20:30.784191Z"}, {"uuid": "1bbb9157-eccd-46bb-b65a-189bbfbd5f95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11413", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mnmzqoho242i", "content": "JD Cloud Box AX6600 4.5.3.r4546\u306eset_macfilter\u95a2\u6570\u306b\u30b9\u30bf\u30c3\u30af\u30d0\u30c3\u30d5\u30a1\u30aa\u30fc\u30d0\u30fc\u30d5\u30ed\u30fc\u306e\u8106\u5f31\u6027\u3002\u30ea\u30e2\u30fc\u30c8\u304b\u3089\u306e\u653b\u6483\u304c\u53ef\u80fd\u3002\nCVE-2026-11413 CVSS 8.8 | HIGH", "creation_timestamp": "2026-06-06T16:04:07.016994Z"}, {"uuid": "87c866a2-d4b1-4da1-92c1-1805c6dc278b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11413", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnnuepdbju2a", "content": "HIGH severity buffer overflow found in JingDong JD Cloud Box AX6600 (4.5.3.r4546). No vendor response or fix \u2014 restrict network access and monitor for updates. https://radar.offseq.com/threat/cve-2026-11413-stack-based-buffer-overflow-in-jing-2be3fa19 #OffSeq #IoTSecurity #Vulnerability", "creation_timestamp": "2026-06-07T00:00:36.679472Z"}, {"uuid": "1610457c-2394-47d6-b7c1-3f9bee874839", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11413", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnngweyb3t2b", "content": "\ud83d\udfe0 CVE-2026-11413 - High (8.8)\n\nA security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. The impac...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-11413/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-06T19:59:58.879044Z"}, {"uuid": "993c49ad-0e6e-4aee-9341-8ffd75348480", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11413", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116705881895179464", "content": "\u26a0\ufe0f HIGH severity: Stack-based buffer overflow in JingDong JD Cloud Box AX6600 v4.5.3.r4546 (CVE-2026-11413). Remote code execution possible. Vendor silent, no patch. Isolate devices & monitor for updates. https://radar.offseq.com/threat/cve-2026-11413-stack-based-buffer-overflow-in-jing-2be3fa19 #OffSeq #Vulnerability #IoTSecurity", "creation_timestamp": "2026-06-07T00:00:40.564318Z"}, {"uuid": "dc60a015-0e64-4d83-9d23-08c0443d9f28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11413", "type": "seen", "source": "https://bsky.app/profile/cybersecinsight.bsky.social/post/3mnp3gp55kl2r", "content": "\ud83d\udd0d Vulnerability Spotlight | Part 2/3\n\n\u26a0\ufe0f CVE-2026-11413\n\nA security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. The impacted element is the function set_macfilter of the f...", "creation_timestamp": "2026-06-07T11:39:39.193009Z"}, {"uuid": "15f2b31a-32aa-4948-98a5-69f91cb18175", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11410", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moh3bjgwv222", "content": "CVE-2026-11410 - OS Command Injection in BigPond Cable (BPA) Configuration in TP-Link TL-WR940N\nCVE ID : CVE-2026-11410\n \n Published : June 16, 2026, 9:03 p.m. | 2\u00a0hours, 29\u00a0minutes ago\n \n Description : An authenticated OS command injection vulnerability exists in the BigPond ...", "creation_timestamp": "2026-06-17T00:40:39.332564Z"}, {"uuid": "96b32148-bc71-4e8f-8ddc-56bd3b7cccd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11417", "type": "published-proof-of-concept", "source": "Telegram/UUlhUbRH-lM0c2HkqQ_nuE7VUmZM0B1Eg2dBpWy1dBuIGV4", "content": "", "creation_timestamp": "2026-06-13T19:00:11.000000Z"}, {"uuid": "eafe7821-7d7d-4f05-b5ff-10dafd76e971", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11417", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mnxjynboly2i", "content": "aws-cdk-lib 2.245.0\u672a\u6e80\uff08Windows\u3067\u306f2.246.0\u672a\u6e80\uff09\u306eNodejsFunction\u3067OS\u30b3\u30de\u30f3\u30c9\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027\u3002\u653b\u6483\u8005\u306f\u3001bundling\u30d7\u30ed\u30d1\u30c6\u30a3\u3092\u64cd\u4f5c\u3057\u3001\u2026\nCVE-2026-11417 CVSS 7.3 | HIGH", "creation_timestamp": "2026-06-10T20:21:33.136513Z"}, {"uuid": "69eefbc6-285f-485d-9779-df999277ce55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11417", "type": "seen", "source": "https://gist.github.com/alon710/35567f659305b91f7bbc4ee7db5dd621", "content": "# CVE-2026-11417: CVE-2026-11417: OS Command Injection in AWS CDK NodejsFunction Bundling Pipeline\n\n> **CVSS Score:** 7.3\n> **Published:** 2026-06-15\n> **Full Report:** https://cvereports.com/reports/CVE-2026-11417\n\n## Summary\nA critical supply-chain OS command injection vulnerability exists in the NodejsFunction local bundling pipeline within the AWS Cloud Development Kit (CDK) library (aws-cdk-lib) before version 2.245.0 (and before 2.246.0 on Windows systems). The vulnerability allows a threat actor who can control any of several bundling properties (externalModules, define, loader, inject, or esbuildArgs) to execute arbitrary operating system commands on the host machine running the CDK compilation or deployment toolchain (e.g., during cdk synth, cdk deploy, or cdk diff).\n\n## TL;DR\nUnsanitized input interpolation in the AWS CDK NodejsFunction bundling component allows unauthenticated local command execution during infrastructure synthesis (cdk synth).\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-78\n- **Attack Vector**: Local\n- **CVSS Score**: 7.3 (CVSS:3.1)\n- **EPSS Score**: 0.00657 (Percentile: 46.42%)\n- **Impact**: Unauthenticated OS Command Execution\n- **Exploit Status**: Proof of Concept / Public Exploit Code Available\n- **CISA KEV Status**: Not Listed\n\n## Affected Systems\n\n- AWS CDK (aws-cdk-lib)\n- **aws-cdk-lib**: < 2.245.0 (Fixed in: `2.245.0`)\n- **aws-cdk-lib (Windows)**: < 2.246.0 (Fixed in: `2.246.0`)\n\n## Mitigation\n\n- Upgrade aws-cdk-lib to version 2.245.0 (Linux/macOS) or 2.246.0 (Windows) to enforce direct process spawning\n- Use container-based (Docker) bundling to isolate execution environments\n- Adopt static application security testing (SAST) tools to detect unneutralized shell strings in infrastructure definitions\n\n**Remediation Steps:**\n1. Identify all occurrences of NodejsFunction constructs in AWS CDK infrastructure repositories.\n2. Inspect bundling parameters including externalModules, loader, define, inject, and esbuildArgs for raw unescaped input.\n3. Run 'npm install aws-cdk-lib@latest' to update to a patched version.\n4. Configure pipelines to verify syntax and synthesis in non-privileged environments that restrict local file and network access.\n\n## References\n\n- [NVD CVE Entry](https://nvd.nist.gov/vuln/detail/CVE-2026-11417)\n- [AWS Security Bulletin](https://aws.amazon.com/security/security-bulletins/2026-041-aws/)\n- [GitHub Security Advisory](https://github.com/aws/aws-cdk/security/advisories/GHSA-999r-qq7v-r334)\n- [AWS CDK Local Bundling Pull Request #37292](https://github.com/aws/aws-cdk/pull/37292)\n- [AWS CDK Windows Process Spawning Pull Request #37412](https://github.com/aws/aws-cdk/pull/37412)\n- [AWS CDK Release v2.245.0](https://github.com/aws/aws-cdk/releases/tag/v2.245.0)\n- [Public Proof of Concept Repository](https://github.com/HeshamASH/CVE-2026-11417-AWS-CDK-RCE)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-11417) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-15T21:41:17.000000Z"}, {"uuid": "d9adb427-7bf3-44bb-83d7-31a45ddc03b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11417", "type": "published-proof-of-concept", "source": "Telegram/g-Z01IQljSKSjycu0WnJBuxLXeYVz0YiUnLdjB6TXPfiBRA", "content": "", "creation_timestamp": "2026-06-13T21:00:04.000000Z"}]}