{"vulnerability": "cve-2026-15409", "sightings": [{"uuid": "f5f20f4f-2531-4773-93b1-209b8e374978", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mqmrct2poa2b", "content": "SonicWall\u306eSMA\u30a2\u30d7\u30e9\u30a4\u30a2\u30f3\u30b9\u304c\u30bc\u30ed\u30c7\u30a4\u653b\u6483\u306e\u6a19\u7684\u306b(CVE-2026-15409\u3001CVE-2026-15410)\n\nSonicWall\u306f\u3001\u540c\u793e\u306eSecure Mobile Access(SMA)1000\u30b7\u30ea\u30fc\u30ba\u30a2\u30d7\u30e9\u30a4\u30a2\u30f3\u30b9\u306b\u5f71\u97ff\u3092\u53ca\u307c\u3059\u3001\u5b9f\u969b\u306b\u60aa\u7528\u3055\u308c\u3066\u3044\u308b2\u4ef6\u306e\u8106\u5f31\u6027(CVE-2026-15409\u3001CVE-2026-15410)\u3092\u4fee\u6b63\u3057\u307e\u3057\u305f\u3002\u9867\u5ba2\u4f01\u696d\u306b\u5bfe\u3057\u3066\u306f\u3001\u4fee\u6b63\u6e08\u307f\u306e\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2\u30d0\u30fc\u30b8\u30e7\u30f3\u3078\u306e\u30a2\u30c3\u30d7\u30b0\u30ec...", "creation_timestamp": "2026-07-14T17:48:47.016674Z"}, {"uuid": "a69ac70a-2b4a-4bfb-aac1-666e3d19748d", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/34c85e31-e0d4-4c40-9da2-bd1a5ce5c375", "content": "", "creation_timestamp": "2026-07-14T19:00:30.626227Z"}, {"uuid": "465a2268-8045-417a-a985-23a3d54089f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mqmvbuce4c2u", "content": "SonicWall SMA appliances targeted in zero-day attacks (CVE-2026-15409, CVE-2026-15410)\n\nwww.helpnetsecurity.com/2026/07/14/s...\n\n#Kyberturvallisuus #Haavoittuvuus #AktiivinenHyv\u00e4ksik\u00e4ytt\u00f6", "creation_timestamp": "2026-07-14T18:59:52.376989Z"}, {"uuid": "abd3a802-db45-4e45-9df5-3adc8f1f31b7", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/3ba534d7-8ca3-421b-ab0d-616a88c91a62", "content": "", "creation_timestamp": "2026-07-14T20:00:01.655246Z"}, {"uuid": "ddd62e4f-cf57-4ac2-a945-cba6853cbddf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mqmzrvb4nk22", "content": "\ud83d\uded1 CVE-2026-15409\nSonicWall SMA1000 Appliances\nKEV: No\nTL;DR: A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Wor\u2026\nhttps://cvesentinel.com/report/CVE-2026-15409?utm_source=bluesky&amp;utm_medium=social&amp;utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-07-14T20:20:22.675074Z"}, {"uuid": "32c02e9e-ae9f-44b4-9da4-a717967f7465", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mqmzrzarrr22", "content": "\ud83d\udd34 EXPLOITED\n\nSonicWall SMA 1000 remote-access gateways have two zero-day flaws under active attack.\n\nA firmware patch alone will not clean an already-hit box.\n\nRe-image, rotate passwords, reset TOTP codes. (CVE-2026-15409/15410)", "creation_timestamp": "2026-07-14T20:20:27.237379Z"}, {"uuid": "00f1f8c3-501d-4561-ab71-9cb7954ccd2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6989989", "content": "2026-07-14: [CVE-2026-15409] SonicWall SMA1000 Appliances Server-Side Request Forgery VulnerabilitySonicWall SMA1000 Appliances contain a server-side request forgery vulnerability that could allow a remote unauthenticated attacker to potentially cause the appliance to make requests to unintended location.\ncisakev", "creation_timestamp": "2026-07-14T20:37:28.167335Z"}, {"uuid": "d2d07411-9e19-4665-baf1-5a6444e8562c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://bsky.app/profile/bleepingcomputer.com/post/3mqn5d4tfmq27", "content": "SonicWall warns that threat actors have been exploiting two SMA1000 vulnerabilities, tracked as\u00a0CVE-2026-15409 and CVE-2026-15410, in zero-day attacks and urges customers to install the newly released security updates.", "creation_timestamp": "2026-07-14T21:23:42.208155Z"}, {"uuid": "5109f5a9-5753-4220-b753-30ab6a990a09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3mqn5waifn22o", "content": "\ud83d\udea8 Breaking: SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now\nSonicWall warns that threat actors have been exploiting two SMA1000 vulnerabilities, tracked as CVE-2026-15409 and CVE-2026-15410, in zero-day attacks and urges customers to\u2026\n\n\ud83d\udd17 https://hnow.live/a/bd61cd04", "creation_timestamp": "2026-07-14T21:34:23.610401Z"}, {"uuid": "cbae7604-d98f-4029-b6fb-0d59a8bebf9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqna56y7fi2d", "content": "CVE-2026-15409 - sma1000 appliances [known exploited]\nA security issue in SonicWall SMA1000 Appliances could allow an attacker to trick the device into accessing unauthorized websites or\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#sma1000appliances #sonicwall #CVE #infosec", "creation_timestamp": "2026-07-14T22:14:04.310970Z"}, {"uuid": "028c5d66-f443-4b43-a15b-b5609eba3f77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://bsky.app/profile/newssecia.bsky.social/post/3mqnaggxaoy2f", "content": "\ud83e\udd16 SonicWall: two SMA1000 zero-days (CVE-2026-15409, CVE-2026-15410) exploited in the wild. Patches released \u2014 apply now.\nhttps://www.bleepingcomputer.com/news/security/sonicwall-warns-of-sma1000-flaws-exploited-in-zero-day-attacks-patch-now/", "creation_timestamp": "2026-07-14T22:19:15.579063Z"}, {"uuid": "a716e437-44b7-435a-aa07-935a65868dc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "exploited", "source": "https://t.me/BleepingComputer/25109", "content": "\u200aSonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now\n\nSonicWall warns that threat actors have been exploiting two SMA1000 vulnerabilities, tracked as\u00a0CVE-2026-15409 and CVE-2026-15410, in zero-day attacks and urges customers to install the newly released security updates. [...]\n\nhttps://www.bleepingcomputer.com/news/security/sonicwall-warns-of-sma1000-flaws-exploited-in-zero-day-attacks-patch-now/", "creation_timestamp": "2026-07-14T23:00:05.132536Z"}, {"uuid": "3b4b4dee-dd35-4ba4-bb14-a3ec6527d8dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mqnefpclnf2a", "content": "SonicWall reports active zero-day exploitation of SMA1000 flaws CVE-2026-15409 and CVE-2026-15410. CISA has added both to KEV, and affected devices may need re-imaging if compromised. #SonicWall #SMA1000 #CISA", "creation_timestamp": "2026-07-14T23:30:25.929256Z"}, {"uuid": "6d0ee887-b781-4ebf-8903-2aca2fe69f8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "exploited", "source": "https://t.me/BleepingComputer/25109", "content": "\u200aSonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now\n\nSonicWall warns that threat actors have been exploiting two SMA1000 vulnerabilities, tracked as\u00a0CVE-2026-15409 and CVE-2026-15410, in zero-day attacks and urges customers to install the newly released security updates. [...]\n\nhttps://www.bleepingcomputer.com/news/security/sonicwall-warns-of-sma1000-flaws-exploited-in-zero-day-attacks-patch-now/", "creation_timestamp": "2026-07-15T00:00:05.993819Z"}, {"uuid": "aea646af-4247-4194-b715-25e8b54c6456", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mqng6u6m3s2a", "content": "SonicWall SMA1000 SSRF flaw CVE-2026-15409 (CVSS 10.0) is exploited in the wild. Upgrade to hotfix 12.4.3-03453 or 12.5.0-02835 now.\n\n#SonicWall #SMA1000 #SSRF #CVE202615409 #CyberSecurity", "creation_timestamp": "2026-07-15T00:02:22.863076Z"}, {"uuid": "e7ba1719-f052-4ffa-b068-292aa68f51b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/sonicwall-security-advisory-av26-699", "content": "", "creation_timestamp": "2026-07-15T00:15:08.162819Z"}, {"uuid": "7deaec81-0da6-4bad-a95a-9861aaf2aa7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/sonicwall-sma1000-series-products-multiple-vulnerabilities_20260715", "content": "", "creation_timestamp": "2026-07-15T05:15:07.777656Z"}, {"uuid": "42a65bf8-d30d-43fb-a42a-45e7751b2f31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mqnztgbmgi2p", "content": "CVE-2026-15409 and CVE-2026-15410: SonicWall's Zero-Day Flaws Are Already Under Attack #CyberSecurity #ZeroDayFlaw #SonicWall", "creation_timestamp": "2026-07-15T05:53:54.531226Z"}, {"uuid": "cbe28ab3-04b7-42be-846e-45bc0854b346", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15409", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mqnzts5njc2i", "content": "CVE-2026-15409: Is SonicWall's Urgent Patch Response Adequate? #CyberSecurity #SonicWall #Vulnerabilities", "creation_timestamp": "2026-07-15T05:54:06.504331Z"}]}