{"vulnerability": "cve-2026-49876", "sightings": [{"uuid": "8a84b9df-99c4-47ed-8f77-1d326f56c035", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49876", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mqit4ca7od2c", "content": "CVE-2026-49876: Apache Gravitino: Authenticated SSRF in Gravitino JobManager allows server-side HTTP requests to internal network and cloud metadata endpoints via unvalidated job template URIs", "creation_timestamp": "2026-07-13T04:10:16.518466Z"}, {"uuid": "50cdec41-462f-4b9f-bef8-ddf63dab2fb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49876", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqkeqdsbpl2i", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-49876 \u0432 Gravitino: \u0443\u0433\u0440\u043e\u0437\u0430 SSRF \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/44EE2558-FB33-4A63-AA44-854EB766D474", "creation_timestamp": "2026-07-13T18:58:22.660161Z"}, {"uuid": "7ba409d5-4b7b-4e8e-8bb3-19596f9bc07f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49876", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqlcpajd5b2s", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-49876 \u0432 Gravitino: \u0443\u0433\u0440\u043e\u0437\u0430 SSRF \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/2140D778-8E1C-4260-8372-D2C358032FEB", "creation_timestamp": "2026-07-14T03:54:38.076830Z"}]}