{"vulnerability": "cve-2026-9436", "sightings": [{"uuid": "6a6e023c-f763-490a-a86a-817b835d03a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9436", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116634394602750284", "content": "\ud83d\udd34 CRITICAL: Totolink A8000RU (7.1cu.643_b20200521) has an unauthenticated OS command injection bug (CVE-2026-9436). Exploit released, no patch yet. Restrict web management access and monitor closely. https://radar.offseq.com/threat/cve-2026-9436-os-command-injection-in-totolink-a80-126727b4 #OffSeq #Vulnerability #Security #Router", "creation_timestamp": "2026-05-25T09:00:25.690588Z"}, {"uuid": "b422cca6-c926-42f5-8bb8-c818d5d88a31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9436", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mmo4i2gcpn2f", "content": "Totolink A8000RU (7.1cu.643_b20200521) faces CRITICAL OS command injection (CVE-2026-9436). Exploit public, patch unavailable. Restrict admin access and monitor activity now. https://radar.offseq.com/threat/cve-2026-9436-os-command-injection-in-totolink-a80-126727b4 #OffSeq #Vulnerability #IoTSec...", "creation_timestamp": "2026-05-25T09:00:27.456018Z"}]}