{"vulnerability": "cve-2026-44914", "sightings": [{"uuid": "585a9874-8acc-4006-ba97-a0d31deae0a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44914", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3moqfnp5qnq2s", "content": "CVE-2026-44914: Apache NiFi: Missing Authorization of Restricted Permissions when Replacing Flow Contents", "creation_timestamp": "2026-06-20T17:40:22.920729Z"}, {"uuid": "d201d66e-df75-4059-a5fb-9163c340858b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44914", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3moujjvtdeq2m", "content": "Apache NiFi 1.12.0 \u2013 2.9.0: HIGH severity flaw lets users with write access add restricted components. Upgrade to 2.9.0 or enforce extra controls. CVE-2026-44914. https://radar.offseq.com/threat/cve-2026-44914-cwe-862-missing-authorization-in-ap-41e3d5d03a56632c #OffSeq #Cybersecurity #NiFi", "creation_timestamp": "2026-06-22T09:00:29.965510Z"}, {"uuid": "7ecbc043-6df4-4f7b-bfba-ddd134240034", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44914", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116792939472856881", "content": "CVE-2026-44914: HIGH severity in Apache NiFi (1.12.0 \u2013 2.9.0). Missing authorization lets users with write access add restricted components. Upgrade to 2.9.0 or enforce specific controls. https://radar.offseq.com/threat/cve-2026-44914-cwe-862-missing-authorization-in-ap-41e3d5d03a56632c #OffSeq #NiFi #Vuln #Infosec", "creation_timestamp": "2026-06-22T09:00:38.439396Z"}, {"uuid": "b964c619-3adb-4d24-bbd0-67abde11f22f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44914", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3moum3dbxrd2y", "content": "Apache NiFi 2.10.0 (June 20) fixes CVE-2026-44914, where a user with general write access could add components requiring Restricted permissions, bypassing authorization. It affects 1.12.0 to 2.9.0. How do you gate Restricted components in NiFi?\n#security", "creation_timestamp": "2026-06-22T09:46:01.994703Z"}, {"uuid": "8c1b951d-b913-4005-bd0e-a65cb0d3a94c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44914", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moutcafs422s", "content": "CVE-2026-44914 - Apache NiFi: Missing Authorization of Restricted Permissions when Replacing Flow Contents\nCVE ID : CVE-2026-44914\n \n Published : June 22, 2026, 7:38 a.m. | 4\u00a0hours, 5\u00a0minutes ago\n \n Description : Apache NiFi 1.12.0 through 2.9.0 are missing authorization when ...", "creation_timestamp": "2026-06-22T11:55:09.440421Z"}, {"uuid": "05f43efe-fbff-42f5-ac2d-fc6073710565", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44914", "type": "seen", "source": "https://bsky.app/profile/checkmarxzero.bsky.social/post/3mowzgqkgoc2a", "content": "\ud83d\udea8 CVE-2026-44914 (High) affects Apache NiFi versions 1.12.0 through 2.9.0.\n\nThe vulnerability allows users with general write access to add Restricted components when replacing Process Groups due to missing authorization checks.\n\nUpgrade to Apache NiFi 2.9.0 to mitigate the issue.", "creation_timestamp": "2026-06-23T08:50:22.762018Z"}]}