{"vulnerability": "CVE-2026-42809", "sightings": [{"uuid": "445e356f-adde-4249-8833-a0b4fe112cb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42809", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml2ekgftrk2p", "content": "CVE-2026-42809 - Apache Polaris: staged table creation could vend storage credentials for unvalidated locations\nCVE ID : CVE-2026-42809\n \n Published : May 4, 2026, 5:16 p.m. | 1\u00a0hour, 4\u00a0minutes ago\n \n Description : Apache Polaris can issue broad temporary (\"vended\") storage cr...", "creation_timestamp": "2026-05-04T19:06:30.160199Z"}, {"uuid": "85cc1e9b-1400-4190-87f3-ab9a62de0368", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42809", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3ml2av2pacn2r", "content": "\ud83d\udd34 CVE-2026-42809 - Critical (9.9)\n\nApache Polaris can issue broad temporary (\"vended\") storage credentials during\nstaged\ntable creat...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42809/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-04T18:00:52.672180Z"}, {"uuid": "badc95af-0891-44ab-be7d-10d339b23bc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42809", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mlnxkhgnyu2f", "content": "\ud83d\udccc CVE-2026-42809 - Apache Polaris can issue broad temporary (\"vended\") storage credentials during\nstaged\ntable creation before the effective table location has been vali... https://www.cyberhub.blog/cves/CVE-2026-42809", "creation_timestamp": "2026-05-12T14:07:07.444635Z"}]}