{"vulnerability": "cve-2026-4208", "sightings": [{"uuid": "6b1c1646-ffc3-4564-a853-d8faf70fca4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-4208", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116244049393964932", "content": "", "creation_timestamp": "2026-03-17T10:30:30.314062Z"}, {"uuid": "7c05d6ad-231a-4a12-93a8-9072057ff014", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-4208", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mhardlwxe22o", "content": "", "creation_timestamp": "2026-03-17T10:30:32.482390Z"}, {"uuid": "b8d866fc-929d-495d-b676-56501b280c6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42088", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3ml2bwjcjwo2n", "content": "\ud83d\udd34 CVE-2026-42088 - Critical (9.6)\n\nOpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42088/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-04T18:19:35.345253Z"}, {"uuid": "559c75d7-965a-42e2-94d1-ea276a56e7b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42084", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3ml2bwqjgot2c", "content": "\ud83d\udfe0 CVE-2026-42084 - High (8.1)\n\nOpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42084/\n\n#infosec #cybersecurity #CVE 
#vulnerability #security #patchstack", "creation_timestamp": "2026-05-04T18:19:42.553441Z"}, {"uuid": "d1005db3-e240-4b46-bd78-592fcbf409e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42087", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3ml2c63yso62r", "content": "\ud83d\udd34 CVE-2026-42087 - Critical (9.6)\n\nOpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42087/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-04T18:23:50.030880Z"}, {"uuid": "af8cca6a-bcd5-43a8-b432-bde4c2d97148", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42087", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml2cgemy2x2v", "content": "CVE-2026-42087 - OpenC3 COSMOS: SQL Injection in QuestDB Time-Series Data Base\nCVE ID : CVE-2026-42087\n \n Published : May 4, 2026, 5:18 p.m. | 1\u00a0hour, 2\u00a0minutes ago\n \n Description : OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one o...", "creation_timestamp": "2026-05-04T18:28:26.406327Z"}, {"uuid": "a11ba6a6-ea1c-4efa-83f0-b2d3d8c092d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42088", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml2cwddwoq2v", "content": "CVE-2026-42088 - OpenC3 COSMOS: Administrative Actions via the Script Runner Tool\nCVE ID : CVE-2026-42088\n \n Published : May 4, 2026, 5:21 p.m. 
| 59\u00a0minutes ago\n \n Description : OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or mo...", "creation_timestamp": "2026-05-04T18:37:22.233204Z"}, {"uuid": "eb63f30e-f094-43e3-a479-2fe430891e83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42084", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml2jp52qbe2p", "content": "CVE-2026-42084 - OpenC3 COSMOS: Hijacked session token can be used to reset password for persistence\nCVE ID : CVE-2026-42084\n \n Published : May 4, 2026, 6:16 p.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : OpenC3 COSMOS provides the functionality needed to send commands to and ...", "creation_timestamp": "2026-05-04T20:38:36.781235Z"}, {"uuid": "5548e7ad-1ff3-4cdc-83ba-d8546fdbd815", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42083", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mmxak3bve72s", "content": "\ud83d\udccc CVE-2026-42083 - free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, PCF Npcf_SMPolicyControl missing authentication middleware allows una... 
https://www.cyberhub.blog/cves/CVE-2026-42083", "creation_timestamp": "2026-05-29T00:07:08.301278Z"}, {"uuid": "60fac494-17b6-4735-a82b-d2416719a5b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42080", "type": "seen", "source": "https://gist.github.com/alon710/b2bc5ba5f8df2172d7f1f2a079b556ec", "content": "# CVE-2026-42080: CVE-2026-42080: Arbitrary File Write and Path Traversal in PPTAgent MCP Server\n\n> **CVSS Score:** 4.6\n> **Published:** 2026-05-05\n> **Full Report:** https://cvereports.com/reports/CVE-2026-42080\n\n## Summary\nPPTAgent versions prior to commit 418491a9a1c02d9d93194b5973bb58df35cf9d00 contain a path traversal vulnerability (CWE-22) within the Model Context Protocol (MCP) server's file handling mechanisms. An attacker with low privileges can supply crafted file paths containing traversal sequences to write files or create directories outside the intended workspace boundaries. 
This results in unauthorized file modification and limited host filesystem exposure.\n\n## TL;DR\nA path traversal flaw in PPTAgent allows low-privileged attackers to write PowerPoint presentations and image files to arbitrary locations on the host filesystem via unvalidated path inputs.\n\n## Technical Details\n\n- **Vulnerability Class**: CWE-22: Path Traversal\n- **Attack Vector**: Network\n- **CVSS v3.1 Score**: 4.6\n- **EPSS Score**: 0.00036\n- **Impact**: Arbitrary File Write / Directory Creation\n- **Exploit Status**: None\n- **CISA KEV**: Not Listed\n\n## Affected Systems\n\n- PPTAgent (icip-cas)\n- **PPTAgent**: < 418491a9a1c02d9d93194b5973bb58df35cf9d00 (Fixed in: `418491a9a1c02d9d93194b5973bb58df35cf9d00`)\n\n## Mitigation\n\n- Update PPTAgent to commit 418491a9a1c02d9d93194b5973bb58df35cf9d00 or later.\n- Run the PPTAgent MCP server with a dedicated, low-privileged user account.\n- Implement mandatory access controls to strictly limit write access to intended workspace directories.\n\n**Remediation Steps:**\n1. Pull the latest version of the PPTAgent repository containing commit 418491a9a1c02d9d93194b5973bb58df35cf9d00.\n2. Restart the PPTAgent MCP service to apply the updated Python codebase.\n3. 
Verify the service user account lacks write permissions outside the designated application workspace.\n\n## References\n\n- [NVD Vulnerability Detail - CVE-2026-42080](https://nvd.nist.gov/vuln/detail/CVE-2026-42080)\n- [GitHub Security Advisory GHSA-pxhg-7xr2-w7xg](https://github.com/icip-cas/PPTAgent/security/advisories/GHSA-pxhg-7xr2-w7xg)\n- [Patch Commit 418491a9a1c02d9d93194b5973bb58df35cf9d00](https://github.com/icip-cas/PPTAgent/commit/418491a9a1c02d9d93194b5973bb58df35cf9d00)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-42080) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-05T19:10:28.000000Z"}, {"uuid": "d3f5fa74-2808-4a66-a6bb-292e1c8bf462", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42087", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mletuecyio2f", "content": "\ud83d\udccc CVE-2026-42087 - OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From version 6.7.0 to before v... https://www.cyberhub.blog/cves/CVE-2026-42087", "creation_timestamp": "2026-05-08T23:07:07.166483Z"}, {"uuid": "70033f5b-b27e-4a8c-8201-c75ebf5e4d76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42084", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mlf4amfyx22h", "content": "\ud83d\udccc CVE-2026-42084 - OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7... 
https://www.cyberhub.blog/cves/CVE-2026-42084", "creation_timestamp": "2026-05-09T01:37:08.220151Z"}, {"uuid": "4e8caa8b-d0f2-4181-82f2-d4ca48948c28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42086", "type": "published-proof-of-concept", "source": "https://github.com/OpenC3/cosmos/security/advisories/GHSA-ffq5-qpvf-xq7x", "content": "", "creation_timestamp": "2026-04-20T03:12:34.000000Z"}, {"uuid": "abe3a552-7a19-461e-9c91-0fe868d2f73f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42085", "type": "published-proof-of-concept", "source": "https://github.com/OpenC3/cosmos/security/advisories/GHSA-4jvx-93h3-f45h", "content": "", "creation_timestamp": "2026-04-20T03:10:27.000000Z"}, {"uuid": "1fd5d1ee-6ae7-49df-bf0a-445d2bca2855", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42084", "type": "published-proof-of-concept", "source": "https://github.com/OpenC3/cosmos/security/advisories/GHSA-wgx6-g857-jjf7", "content": "", "creation_timestamp": "2026-04-20T03:08:12.000000Z"}]}