{"vulnerability": "cve-2026-49998", "sightings": [{"uuid": "35a33617-b61d-4f2c-904b-551e14e6c8a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-49998", "type": "published-proof-of-concept", "source": "https://github.com/centrifugal/centrifugo/security/advisories/GHSA-g6vg-wj8f-48cj", "content": "", "creation_timestamp": "2026-07-01T22:35:18.298689Z"}, {"uuid": "6872c681-3e0a-4e0f-915a-d6562b54ebed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49998", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqsf7jmkdr2m", "content": "CVE-2026-49998 - Centrifugo: Dynamic JWKS key cache keyed only by `kid` allows cross-issuer JWT authentication bypass\nCVE ID : CVE-2026-49998\n \n Published : July 16, 2026, 8:16 p.m. | 2\u00a0hours, 17\u00a0minutes ago\n \n Description : Centrifugo is an open-source scalable real-time mess...", "creation_timestamp": "2026-07-16T23:28:09.969294Z"}]}