{"vulnerability": "cve-2026-4944", "sightings": [{"uuid": "e099f20a-359b-4618-93b4-f83f88b13ca9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4944", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmwss4nokb2g", "content": "\ud83d\udfe0 CVE-2026-4944 - High (8.8)\n\nvllm-project/vllm version 0.14.1 contains a vulnerability where the `trust_remote_code=True` para...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-4944/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-28T20:01:05.803403Z"}, {"uuid": "b779ae8c-aba6-4d5f-bded-79e4042b15ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4944", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwxykvxhb2i", "content": "CVE-2026-4944 - Hardcoded trust_remote_code=True in vllm-project/vllm Bypasses User Security Control\nCVE ID : CVE-2026-4944\n \n Published : May 28, 2026, 7:16 p.m. | 1\u00a0hour, 15\u00a0minutes ago\n \n Description : vllm-project/vllm version 0.14.1 contains a vulnerability where the `tru...", "creation_timestamp": "2026-05-28T21:34:10.021945Z"}, {"uuid": "94f3f074-fdce-4cce-94b6-982a44d7bda5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49443", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mndlslsoje2q", "content": "\ud83d\udfe0 CVE-2026-49443 - High (8.8)\n\nauthentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5....\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-49443/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-02T22:00:52.437444Z"}, {"uuid": "f1aa93b7-dcbb-4533-9f16-cc2529dea8b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49448", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mndlst2fsr22", "content": "\ud83d\udd34 CVE-2026-49448 - Critical (9.8)\n\nauthentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5....\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-49448/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-02T22:00:55.385911Z"}, {"uuid": "7909b522-2441-4e79-80f7-62acd5a63512", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49448", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mndpfsttse2i", "content": "CVE-2026-49448 - Critical authentication bypass in Authentik. Sending an empty POST bypasses the Source stage. CVSS 9.8. Update to 2025.12.6, 2026.2.4, or 2026.5.1 immediately. #CVE #Authentik #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-49448/", "creation_timestamp": "2026-06-02T23:05:07.824942Z"}, {"uuid": "ee5aeed4-b1cd-4f22-9e6f-8e81e550d337", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49443", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mndqvbhnqd2d", "content": "CVE-2026-49443 - authentik: `UserSourceConnection.user` and `GroupSourceConnection.group` are changeable through the API\nCVE ID : CVE-2026-49443\n \n Published : June 2, 2026, 9:16 p.m. | 1\u00a0hour, 57\u00a0minutes ago\n \n Description : authentik is an open-source identity provider. Prio...", "creation_timestamp": "2026-06-02T23:31:39.883498Z"}, {"uuid": "f275ddf1-f851-4846-aca3-4357ddcf31d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49448", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mndrhe3k6f2d", "content": "CVE-2026-49448 - authentik: SourceStage bypass via empty POST\nCVE ID : CVE-2026-49448\n \n Published : June 2, 2026, 9:16 p.m. | 1\u00a0hour, 57\u00a0minutes ago\n \n Description : authentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5.1, the Source...", "creation_timestamp": "2026-06-02T23:41:46.580822Z"}, {"uuid": "92ff029d-b1de-4189-aadc-a10020a742f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49448", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mnilgaxbpr2s", "content": "\ud83d\udccc CVE-2026-49448 - authentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5.1, the Source stage can be bypassed by sending an emp... https://www.cyberhub.blog/cves/CVE-2026-49448", "creation_timestamp": "2026-06-04T21:37:06.219447Z"}, {"uuid": "d5a9c870-fb04-46be-94ff-d1d8ead4a8d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49443", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mniqh7zbwt2f", "content": "\ud83d\udccc CVE-2026-49443 - authentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5.1, an attacker with the ability to change a source co... https://www.cyberhub.blog/cves/CVE-2026-49443", "creation_timestamp": "2026-06-04T23:07:07.328479Z"}, {"uuid": "34b60b29-67d9-48fb-bf48-3df83c245bf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49445", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mpymgi7xds2j", "content": "CVE-2026-49445 - cilium\nCilium, a network and security solution, has a vulnerability that allows local attackers to access sensitive information and disrupt cluster operations. This affects Cilium versions\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#cilium #Golang #CVE #infosec", "creation_timestamp": "2026-07-06T17:28:07.393268Z"}, {"uuid": "e4ce2c9a-d0bf-4fc8-aa6a-36b467914c36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49445", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqpmimlsxf2i", "content": "\ud83d\udd34 CVE-2026-49445 - Critical (9.2)\n\nCilium is a networking, observability, and security solution. Prior to 1.17.14, 1.18.8, and 1.19....\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-49445/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-15T21:00:32.654969Z"}, {"uuid": "ca1962ae-436f-4447-960d-e589922e520c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49445", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqpxhi2awm2w", "content": "CVE-2026-49445 - Cilium: Sensitive information disclosure and cluster disruption via local Envoy admin socket access\nCVE ID : CVE-2026-49445\n \n Published : July 15, 2026, 8:17 p.m. | 2\u00a0hours, 17\u00a0minutes ago\n \n Description : Cilium is a networking, observability, and security s...", "creation_timestamp": "2026-07-16T00:16:44.991499Z"}, {"uuid": "6069967d-2cfd-4af4-9c73-c64bd806571c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49445", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqvgwvdhqz2v", "content": "\ud83d\udccc CVE-2026-49445 - Cilium is a networking, observability, and security solution. Prior to 1.17.14, 1.18.8, and 1.19.2, when Cilium L7 functionality is enabled, the embed... https://www.cyberhub.blog/cves/CVE-2026-49445", "creation_timestamp": "2026-07-18T04:37:07.583231Z"}]}