{"vulnerability": "cve-2026-3069", "sightings": [{"uuid": "cdc3e233-39c1-4f80-b351-e1b652c4f73e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-3069", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mfomznmbce2e", "content": "", "creation_timestamp": "2026-02-25T12:00:16.419131Z"}, {"uuid": "2a34e88d-e1cb-4299-899e-874428b92204", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-3069", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mflo2p7n5g2h", "content": "", "creation_timestamp": "2026-02-24T07:40:46.112351Z"}, {"uuid": "817cb1b2-9234-4626-ba75-cc75b7d0aba2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-3069", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mflgdmw5oz2o", "content": "", "creation_timestamp": "2026-02-24T05:22:35.338845Z"}, {"uuid": "f9528c25-a81a-4be2-ae3f-ad7c5eb7b466", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-30691", "type": "seen", "source": "https://t.me/GithubRedTeam/84834", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-30691\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a walidriouah\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-19 14:53:52\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-30691: Stored Cross-Site Scripting (XSS) in @cyntler/react-doc-viewer\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-19T15:00:05.000000Z"}, {"uuid": "c0f4fa59-05cf-4ca8-9c53-0391fcd5b538", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-30693", "type": "seen", "source": "https://gist.github.com/GaniiGanesh/82723ef74e1e113debe67fd45738ccd5", "content": "CVE-2026-30693\n\nVendor:\nMeetmux\n\nProduct:\nMeetmux Web Application\n\nVulnerability Type:\nIncorrect Access Control\n\nAffected Component:\nBackend REST API endpoint /api/vender\n\nAttack Type:\nRemote\n\nDescription:\nAn improper access control vulnerability exists in the Meetmux web application where a backend API endpoint exposes sensitive vendor registration data without authentication. Vendor information is submitted through a public registration page; however, the corresponding API endpoint allows remote unauthenticated attackers to retrieve registered vendor records, including personally identifiable information, by directly accessing the /api/vender endpoint hosted on vender-server.vercel.app.\n\nAttack Vector:\nA remote unauthenticated attacker can send an HTTP GET request to the backend API endpoint /api/vender hosted on vender-server.vercel.app to retrieve registered vendor data without authorization.\n\nImpact:\nUnauthorized disclosure of sensitive vendor information.\n\nDiscoverer:\nGanesh S\n\nDisclosure Status:\nVendor contacted responsibly prior to publication.", "creation_timestamp": "2026-05-07T05:51:21.000000Z"}, {"uuid": "207a26ab-5d0d-416b-b716-271e5e589d89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-30691", "type": "published-proof-of-concept", "source": "Telegram/SM41ZgDjE5GCx8_K5BndOjKQZfdnq7khstyXQtIQ9aWd83s", "content": "", "creation_timestamp": "2026-05-19T21:00:04.000000Z"}]}