{"vulnerability": "cve-2026-7498", "sightings": [{"uuid": "cadb274b-f550-4feb-91e8-3ee7a5be5274", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7498", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mm5hg6fgv72z", "content": "\ud83d\udfe0 CVE-2026-7498 - High (8.8)\n\nImproper neutralization of input during web page generation ('cross-site scripting') vulnerabilit...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-7498/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-18T18:01:00.753230Z"}, {"uuid": "349cc1c9-ad2a-436c-a4c7-1057f881333e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-7498", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mm4oamh4jk2y", "content": "HIGH severity alert: DernekWeb (all versions \u226430122025) has a stored XSS vuln (CVE-2026-7498). No patch yet \u2014 apply WAF rules & monitor for vendor updates. https://radar.offseq.com/threat/cve-2026-7498-cwe-79-improper-neutralization-of-in-3ca40b7c #OffSeq #XSS #WebSecurity", "creation_timestamp": "2026-05-18T10:30:30.036257Z"}, {"uuid": "35c09657-3415-4973-8c05-2e755b5fca4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-7498", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116595112473906096", "content": "HIGH-severity XSS (CVE-2026-7498) in DernekWeb up to v30122025: improper input neutralization allows stored script injection. No patch yet. Use WAF rules & monitor for updates. Details: https://radar.offseq.com/threat/cve-2026-7498-cwe-79-improper-neutralization-of-in-3ca40b7c #OffSeq #XSS #Vuln #InfoSec", "creation_timestamp": "2026-05-18T10:30:30.039092Z"}, {"uuid": "431540f5-ec6e-4409-9ed3-d03c5353b5e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7498", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mm4pa6fywy2p", "content": "CVE-2026-7498 - Stored XSS in Basamak Informatics' DernekWeb\nCVE ID : CVE-2026-7498\n \n Published : May 18, 2026, 9:16 a.m. | 51\u00a0minutes ago\n \n Description : Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Basamak Informatio...", "creation_timestamp": "2026-05-18T10:48:08.515796Z"}]}