{"vulnerability": "CVE-2026-45323", "sightings": [{"uuid": "d6dbf14d-fe78-4ac6-b085-8e85947e1933", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45323", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwu2bimnj2p", "content": "CVE-2026-45323 - MeshCore Card: XSS vulnerability through meshcore node name\nCVE ID : CVE-2026-45323\n \n Published : May 28, 2026, 6:16 p.m. | 54\u00a0minutes ago\n \n Description : MeshCore Card provides MeshCore Lovelace card for Home Assistant. Prior to 0.3.3, Meshcore node names a...", "creation_timestamp": "2026-05-28T20:23:32.282544Z"}, {"uuid": "3f6163a2-91cf-4834-a117-64a56e86d2de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45323", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mng6cmphwd2o", "content": "\ud83d\udccc CVE-2026-45323 - MeshCore Card provides MeshCore Lovelace card for Home Assistant. Prior to 0.3.3, Meshcore node names are rendered without HTML escaping in meshcore-c... https://www.cyberhub.blog/cves/CVE-2026-45323", "creation_timestamp": "2026-06-03T22:37:06.633233Z"}, {"uuid": "513fa4da-c408-469c-b615-2d7b51750b85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45323", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmwpgnynjr2c", "content": "\ud83d\udd34 CVE-2026-45323 - Critical (9.6)\n\nMeshCore Card provides MeshCore Lovelace card for Home Assistant. Prior to 0.3.3, Meshcore node n...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-45323/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-28T19:01:00.135248Z"}, {"uuid": "c3b21e99-8ec4-411e-a082-612265656d25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45323", "type": "seen", "source": "https://bsky.app/profile/mxsash.bsky.social/post/3mnexue47hk2t", "content": "meshcore-card was fixed within a day in v0.3.3 (CVE-2026-45323). Around 20 MeshCore analyzer websites are likely affected too, including CoreScope, where a vibecoding bot seems to have broken the XSS filter while hallucinating a bugfix.", "creation_timestamp": "2026-06-03T11:09:08.844175Z"}, {"uuid": "0fc89fb4-6c5b-4169-b188-326604f06d5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45323", "type": "seen", "source": "https://bsky.app/profile/mxsash.bsky.social/post/3mnexugleo22t", "content": "meshcore-card was fixed within a day in v0.3.3 (CVE-2026-45323). Around 20 MeshCore analyzer websites are likely affected too, including CoreScope, where a vibecoding bot seems to have broken the XSS filter while hallucinating a bugfix.", "creation_timestamp": "2026-06-03T11:09:09.380978Z"}, {"uuid": "e7dce0f2-f57e-438a-8814-61c454334b2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45323", "type": "seen", "source": "https://bsky.app/profile/mxsash.bsky.social/post/3mnexugleo32t", "content": "meshcore-card was fixed within a day in v0.3.3 (CVE-2026-45323). Around 20 MeshCore analyzer websites are likely affected too, including CoreScope, where a vibecoding bot seems to have broken the XSS filter while hallucinating a bugfix.", "creation_timestamp": "2026-06-03T11:09:09.897980Z"}]}