{"uuid": "195ee082-8598-46f1-948a-8df61571c3dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3mpsqqpiqcc2k", "content": "\ud83d\udc49 PTT-2026-004 (CVE-2026-48611, 9.4): the PoC shows the full path from a single crafted request to a valid admin session. No credentials that work, no prior access, no user interaction. Just the request and the session cookie that _shouldn't_ exist.\n\nAND", "creation_timestamp": "2026-07-04T09:29:30.084249Z"}