{"vulnerability": "CVE-2026-4444", "sightings": [{"uuid": "0555d0ca-1891-458e-b245-142439eaf1d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4444", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mhmkkninpt2n", "content": "", "creation_timestamp": "2026-03-22T03:01:09.130152Z"}, {"uuid": "98a0d14c-2917-4835-b1a5-d66b09dc42c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44442", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mltpxdc6os2s", "content": "\ud83d\udccc CVE-2026-44442 - ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 16.9.1, certain endpoints failed to enforce proper authorization checks,... https://www.cyberhub.blog/cves/CVE-2026-44442", "creation_timestamp": "2026-05-14T21:07:08.116781Z"}, {"uuid": "d9b0eb9d-7ef4-446b-81be-1bcf9c453c2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-4444", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities_20260324", "content": "", "creation_timestamp": "2026-03-24T01:00:00.000000Z"}, {"uuid": "ce318b53-0f82-4cda-8cd7-5e9aba7b57a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44442", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116569986785870789", "content": "\ud83d\udea8 CRITICAL vuln: ERPNext <16.9.1 (CVE-2026-44442) lets users with limited rights modify data due to missing authorization. Update ASAP to 16.9.1+ to fix. No known exploits yet. Details: https://radar.offseq.com/threat/cve-2026-44442-cwe-862-missing-authorization-in-fr-ebe7ec52 #OffSeq #ERPNext #Vuln #AppSec", "creation_timestamp": "2026-05-14T00:00:41.803147Z"}, {"uuid": "0b05bf4b-3eb9-462e-9a77-6856e50a891c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44442", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlrj6rfwru2j", "content": "CRITICAL: ERPNext <16.9.1 has a missing auth vuln (CVE-2026-44442) \u2014 users could escalate privileges & modify data. Upgrade to 16.9.1+ now. No exploits reported yet. https://radar.offseq.com/threat/cve-2026-44442-cwe-862-missing-authorization-in-fr-ebe7ec52 #OffSeq #ERPNext #Security", "creation_timestamp": "2026-05-14T00:00:42.057045Z"}, {"uuid": "ee7f4383-4241-4f83-bbfd-9b1c7973fe32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44447", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlrpcoduz52c", "content": "CVE-2026-44447 - ERPNext: Possibility of SQL Injection due to missing validation\nCVE ID : CVE-2026-44447\n \n Published : May 13, 2026, 10:16 p.m. | 2\u00a0hours, 8\u00a0minutes ago\n \n Description : ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 16.9.0, some...", "creation_timestamp": "2026-05-14T01:50:15.190574Z"}, {"uuid": "8c47ef2e-3644-4bbd-82ba-9f9597184d1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44449", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmstehswhn2s", "content": "\ud83d\udd34 CVE-2026-44449 - Critical (9.1)\n\nLumiverse is a full-featured AI chat application. Prior to 0.9.7, when the primary toSmbPath(full...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-44449/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-27T06:00:42.946314Z"}]}