{"vulnerability": "cve-2026-28496", "sightings": [{"uuid": "f0743965-999b-4fc3-a33a-2871e2e658ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28496", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moxs32hcvd2w", "content": "CVE-2026-28496 - FOSSBilling: Server-side template injection in Twig template rendering enables information disclosure and RCE\nCVE ID : CVE-2026-28496\n \n Published : June 23, 2026, 2:20 p.m. | 1\u00a0hour, 23\u00a0minutes ago\n \n Description : FOSSBilling is a free, open-source billing a...", "creation_timestamp": "2026-06-23T16:11:13.997223Z"}, {"uuid": "2860f536-e4bd-4758-b2fb-6ea34e754233", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28496", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116800802356327413", "content": "New.\n\"Today VulnCheck is disclosing CVE-2026-28496, an unauthenticated remote code execution chain in FOSSBilling, the open-source billing and client-management platform.\"\nVulnCheck: CVE-2026-28496 - FOSSBilling Auth Bypass and Twig SSTI to Unauthenticated RCE https://www.vulncheck.com/blog/fossbilling-auth-bypass-ssti-rce @vulncheck #infosec #opensource #vulnerability", "creation_timestamp": "2026-06-23T18:20:14.295475Z"}, {"uuid": "8d7cdd41-f28f-498c-b8fa-c6da4e6f363b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28496", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-28496.yaml", "content": "", "creation_timestamp": "2026-06-23T07:40:44.000000Z"}]}