{"vulnerability": "cve-2026-42496", "sightings": [{"uuid": "b038f35c-275c-4c63-8aa6-5ea7d6628d66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42496", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mmqcvf2y2s26", "content": "Symlink vuln (HIGH) in BINGOS Archive::Tar <3.08: attackers can escape extraction dirs for unauthorized file access. No patch yet \u2014 avoid untrusted tar files. Full details: https://radar.offseq.com/threat/cve-2026-42496-cwe-59-improper-link-resolution-bef-ae924259 #OffSeq #vuln #infosec", "creation_timestamp": "2026-05-26T06:00:37.352053Z"}, {"uuid": "1842dca3-967f-48d4-90bf-aa52d7960cd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42496", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mmqmdp566n25", "content": "CVE-2026-42496: Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory", "creation_timestamp": "2026-05-26T08:49:40.075365Z"}]}