{"vulnerability": "cve-2026-5398", "sightings": [{"uuid": "9d876ccb-99d2-45b8-976e-cbe92a5f472d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5398", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mk2nsadkcu2i", "content": "", "creation_timestamp": "2026-04-22T04:26:44.169652Z"}, {"uuid": "630c4c42-96a1-415d-9397-c00810a3b5a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5398", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mk4g4rep222f", "content": "", "creation_timestamp": "2026-04-22T21:14:47.794622Z"}, {"uuid": "c9e1d58e-d2fc-497d-a807-213f44e568d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5398", "type": "seen", "source": "Telegram/GWv-rb7UfX_BXuTinSPZbLsKECuSpybC90nlKZTm2UKU7Bs", "content": "", "creation_timestamp": "2026-04-22T17:24:29.000000Z"}, {"uuid": "a0fffe2d-67fc-4124-92f9-6f67c51b188e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5398", "type": "seen", "source": "https://infosec.exchange/users/wdormann/statuses/116675497913967123", "content": "Not even mentioned in the blog post because Calif didn't discover them are two more LPEs:CVE-2026-6386 - amd64CVE-2026-5398 - tty\nAnd an RCE in dhclient (\ud83d\ude2e)CVE-2026-42511 - dhclient\nThat's right, a malicious DHCP server on your network can run commands as root on FreeBSD that isn't fully patched. (Yes, I ran dhclient as root here to demonstrate the vul, but the same thing would happen automatically with a couple of boots of the victim).", "creation_timestamp": "2026-06-01T15:15:43.345722Z"}]}