{"vulnerability": "cve-2026-52887", "sightings": [{"uuid": "1483f96f-83fc-42a4-9094-737a55f038ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-52887", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqpmoxunof2w", "content": "CVE-2026-52887 - nocobase\nNocoBase's in-app messaging feature allows attackers to inject malicious SQL code. This could potentially give an attacker control over a database and allow them to execute unauthorized\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#nocobase #CVE #infosec", "creation_timestamp": "2026-07-15T21:04:09.596663Z"}, {"uuid": "10446587-7ea4-43a9-800e-78071230b658", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-52887", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqppu2ragj2n", "content": "\ud83d\udd34 CVE-2026-52887 - Critical (10)\n\nNocoBase is an AI-powered no-code/low-code platform for building business applications and enterp...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-52887/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-15T22:00:37.725597Z"}, {"uuid": "5d5386bf-7c45-4299-99f4-54f4a58f48bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-52887", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqpzjwga2c2m", "content": "CVE-2026-52887 - NocoBase: SQL injection in /api/myInAppChannels:list filter to PG-superuser RCE\nCVE ID : CVE-2026-52887\n \n Published : July 15, 2026, 9:16 p.m. | 1\u00a0hour, 17\u00a0minutes ago\n \n Description : NocoBase is an AI-powered no-code/low-code platform for building business ...", "creation_timestamp": "2026-07-16T00:53:54.505971Z"}]}