{"uuid": "d7e006b3-c3ef-4d81-b52e-1d006caf0918", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-0625", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3moe6z375bz2j", "content": "Anyone still running an end-of-life D-Link DSL modem has an unpatchable bug. CVE-2026-0625 is a CVSS 9.3 command injection in dnscfg.cgi. Unauthenticated attackers seize the device. DSL-526B, 2640B, 2740R and 2780B are affected. Shadowserver has tracked active exploitation since Nov 27.", "creation_timestamp": "2026-06-15T21:09:31.428642Z"}