{"vulnerability": "cve-2026-42462", "sightings": [{"uuid": "ee8d72b9-7a75-4232-bb8f-e78beb75ced2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42462", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnxsjqshhu2d", "content": "CVE-2026-42462 - Fedify has an LD-Signature Bypass via JSON-LD Named-Graph Restructuring\nCVE ID : CVE-2026-42462\n \n Published : June 10, 2026, 8:22 p.m. | 55\u00a0minutes ago\n \n Description : Fedify is a TypeScript library for building federated server apps powered by ActivityPub. ...", "creation_timestamp": "2026-06-10T22:54:15.478025Z"}, {"uuid": "2a1ae7be-0bfd-41cf-b9ca-3126f08dcb4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42462", "type": "seen", "source": "https://bsky.app/profile/fedify.hollo.social.ap.brid.gy/post/3mmcgyic3lig2", "content": "### Fedify security updates: 1.9.11, 1.10.10, 2.0.18, 2.1.14, and 2.2.3\n\nIf you use Fedify, update to a patched release now. CVE-2026-42462 affects Fedify's Linked Data Signature handling. An attacker could use JSON-LD graph-restructuring features to change how a signed activity is interpreted [\u2026]", "creation_timestamp": "2026-05-20T17:38:59.813650Z"}, {"uuid": "dc73cd54-66e9-4935-97c8-a82b26991e4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42462", "type": "seen", "source": "https://bsky.app/profile/hollo.hollo.social.ap.brid.gy/post/3mmcinnvfjdd2", "content": "### Hollo security updates: 0.7.17, 0.8.6, and 0.9.1\n\nIf you run Hollo, update to a patched release now. CVE-2026-42462 affects Fedify's Linked Data Signature handling, and Hollo depends on Fedify for ActivityPub federation.\n\nFedify verifies incoming ActivityPub activities with several [\u2026]", "creation_timestamp": "2026-05-20T18:10:13.960097Z"}, {"uuid": "40e3d852-24e2-4ce8-94c0-a99d3f2b7a5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42462", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mmdetqhuk22x", "content": "Top 3 CVE for last 7 days:\nCVE-2026-45584: 64 interactions\nCVE-2026-42897: 56 interactions\nCVE-2026-46300: 46 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-45584: 64 interactions\nCVE-2026-46727: 21 interactions\nCVE-2026-42462: 11 interactions\n", "creation_timestamp": "2026-05-21T02:33:02.700443Z"}]}