{"vulnerability": "cve-2026-4352", "sightings": [{"uuid": "7f93f3d7-a636-4ee0-8404-cd1d7d0a7731", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4352", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mjgfdq6jve2p", "content": "", "creation_timestamp": "2026-04-14T03:02:13.794403Z"}, {"uuid": "0a523092-219a-43c8-b514-ecacd920d013", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4352", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mjgkd2ndns2r", "content": "", "creation_timestamp": "2026-04-14T04:31:18.844123Z"}, {"uuid": "a3d86cbe-3c01-456f-a050-984e30ccbbe8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4352", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3mjozwtgb2y2c", "content": "", "creation_timestamp": "2026-04-17T13:32:06.543887Z"}, {"uuid": "fc248767-af91-46a3-9c7c-f1d833ea3a62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43529", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml47uuqaam2p", "content": "CVE-2026-43529 - OpenClaw\nCVE ID : CVE-2026-43529\n \n Published : 5. Mai 2026 11:25 | 56\u00a0Minuten ago\n \n Description : OpenClaw before 2026.4.10 contains a time-of-check-time-of-use vulnerability in the validateScriptFileForShellBleed function that allows local attackers to bypa...", "creation_timestamp": "2026-05-05T12:48:11.446422Z"}, {"uuid": "3f646305-e6cf-45ab-92b4-ac2612b64826", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4352", "type": "published-proof-of-concept", "source": "Telegram/v04jgzFs_dRRg0faEVT7MCYFvzaiVamBu-2mRXh2qzS6BJs", "content": "", "creation_timestamp": "2026-04-14T03:16:35.000000Z"}, {"uuid": "3e4fda29-ea8a-4c67-aeb3-476dd31099d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43527", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml4bstirqs2k", "content": "CVE-2026-43527 - OpenClaw\nCVE ID : CVE-2026-43527\n \n Published : 5. Mai 2026 11:24 | 56\u00a0Minuten ago\n \n Description : OpenClaw before 2026.4.14 contains a server-side request forgery vulnerability in browser SSRF policy that allows private-network navigation by default. Attacke...", "creation_timestamp": "2026-05-05T13:22:50.461065Z"}, {"uuid": "04269871-d957-484c-b39e-56d379cf7ee5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43528", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml4ceqfz5z2n", "content": "CVE-2026-43528 - OpenClaw\nCVE ID : CVE-2026-43528\n \n Published : 5. Mai 2026 11:24 | 56\u00a0Minuten ago\n \n Description : OpenClaw before 2026.4.14 contains a redaction bypass vulnerability that allows authenticated gateway clients to receive unredacted secrets through sourceConfig...", "creation_timestamp": "2026-05-05T13:32:51.237072Z"}, {"uuid": "02d423fb-1873-4062-a8b0-6462f8944515", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43526", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml4htssqrc2q", "content": "CVE-2026-43526 - OpenClaw\nCVE ID : CVE-2026-43526\n \n Published : May 5, 2026, 12:16 p.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : OpenClaw before 2026.4.12 contains a server-side request forgery vulnerability in QQBot reply media URL handling that allows attackers to fetch ar...", "creation_timestamp": "2026-05-05T15:10:45.796741Z"}, {"uuid": "6c257738-242f-41fb-92ae-eb47638fd792", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43526", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mlaxspkmad2s", "content": "\ud83d\udccc CVE-2026-43526 - OpenClaw before 2026.4.12 contains a server-side request forgery vulnerability in QQBot reply media URL handling that allows attackers to fetch arbitr... https://www.cyberhub.blog/cves/CVE-2026-43526", "creation_timestamp": "2026-05-07T10:07:07.553125Z"}, {"uuid": "5e242f1d-e73e-4f96-a96b-6aa85615fe34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43527", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3ml4uohio2h2s", "content": "\ud83d\udfe0 CVE-2026-43527 - High (7.7)\n\nOpenClaw before 2026.4.14 contains a server-side request forgery vulnerability in browser SSRF po...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-43527/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-05T19:00:26.064367Z"}]}