{"vulnerability": "cve-2026-48714", "sightings": [{"uuid": "a3fa14ef-00f7-4651-bffe-41b91e4e5ff5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48714", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moekfhn56c2n", "content": "CVE-2026-48714 - i18next-http-middleware missingKeyHandler does not reject keys whose segments contain prototype-polluting names\nCVE ID : CVE-2026-48714\n \n Published : June 15, 2026, 10:16 p.m. | 1\u00a0hour, 25\u00a0minutes ago\n \n Description : i18next-http-middleware is a middleware t...", "creation_timestamp": "2026-06-16T00:33:18.297029Z"}, {"uuid": "d15e0b69-c7e6-4c1d-9211-1c147ab5c3ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48714", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moef7y4spa2t", "content": "\ud83d\udd34 CVE-2026-48714 - Critical (9.1)\n\ni18next-http-middleware is a middleware to be used with Node.js web frameworks like express or Fa...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-48714/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-15T23:00:46.208193Z"}, {"uuid": "d9c97fbe-de1a-41f4-92a0-a73cda53a811", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48714", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3moenlnrkc727", "content": "CRITICAL: i18next-http-middleware <3.9.7 has a prototype pollution flaw in missingKeyHandler. Risk: app crashes, config poisoning. Upgrade to 3.9.7 or restrict handler access now! https://radar.offseq.com/threat/cve-2026-48714-cwe-1321-improperly-controlled-modi-f43de94a #OffSeq #CVE202648714 #No...", "creation_timestamp": "2026-06-16T01:30:27.854431Z"}, {"uuid": "5d895ccb-74fb-483e-bb4b-47e46abbd167", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48714", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116757195997316515", "content": "\ud83d\udea8 CRITICAL: CVE-2026-48714 in i18next-http-middleware (<3.9.7) enables remote prototype pollution via missingKeyHandler. Impacts: app crashes, translation corruption, config poisoning. Upgrade to 3.9.7 or apply mitigations! https://radar.offseq.com/threat/cve-2026-48714-cwe-1321-improperly-controlled-modi-f43de94a #OffSeq #CVE202648714 #infosec", "creation_timestamp": "2026-06-16T01:30:28.233698Z"}]}