{"vulnerability": "CVE-2026-4662", "sightings": [{"uuid": "fbb4a6b7-3fab-4b7e-bb89-a582234d40ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4662", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mhrtkggkyx2u", "content": "", "creation_timestamp": "2026-03-24T05:25:24.346270Z"}, {"uuid": "5cb40029-6a1d-428b-abea-6091015349b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46629", "type": "seen", "source": "https://bsky.app/profile/symfony.com/post/3mmbp7unvxr2b", "content": "\ud83d\udd10 CVE-2026-46629: Unbounded formatter memoisation in twig/intl-extra keyed on template-controlled arguments\n\u27a1\ufe0f https://symfony.com/blog/cve-2026-46629-unbounded-formatter-memoisation-in-twig-intl-extra-keyed-on-template-controlled-arguments", "creation_timestamp": "2026-05-20T10:31:16.748347Z"}, {"uuid": "06b266d9-1ec0-4363-92a4-8fc5332b3536", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46628", "type": "seen", "source": "https://bsky.app/profile/symfony.com/post/3mmbp7zdlyz2b", "content": "\ud83d\udd10 CVE-2026-46628: The `spaceless` filter implicitly marks its output as safe\n\u27a1\ufe0f https://symfony.com/blog/cve-2026-46628-the-spaceless-filter-implicitly-marks-its-output-as-safe", "creation_timestamp": "2026-05-20T10:31:21.628196Z"}, {"uuid": "961f8605-4db2-49b4-805a-6a98e74d612c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46627", "type": "seen", "source": "https://bsky.app/profile/symfony.com/post/3mmbpa5zf3m2v", "content": "\ud83d\udd10 CVE-2026-46627: Sandbox does not protect against resource exhaustion\n\u27a1\ufe0f https://symfony.com/blog/cve-2026-46627-sandbox-does-not-protect-against-resource-exhaustion", "creation_timestamp": "2026-05-20T10:31:26.743891Z"}, {"uuid": "5209fcfc-d9bb-47c1-b62e-58291f15df6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46626", "type": "seen", "source": "https://bsky.app/profile/symfony.com/post/3mmbqwtodhw2b", "content": "\ud83d\udd10 CVE-2026-46626: SymfonyRuntime CVE-2024-50340 Patch Bypass via parse_str/SAPI Argv Mismatch\n\u27a1\ufe0f https://symfony.com/blog/cve-2026-46626-symfonyruntime-cve-2024-50340-patch-bypass-via-parse-str-sapi-argv-mismatch", "creation_timestamp": "2026-05-20T11:02:01.159613Z"}, {"uuid": "b399e528-6ee0-424a-b777-bb047a4643df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46626", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmc3qc4eg22q", "content": "\ud83d\udd17 CVE : CVE-2026-45070, CVE-2026-45077, CVE-2026-45304, CVE-2026-45305, CVE-2026-45753, CVE-2026-45754, CVE-2026-45755, CVE-2026-45756, CVE-2026-46626, CVE-2026-47212", "creation_timestamp": "2026-05-20T14:15:13.876320Z"}, {"uuid": "78ab7492-6cb1-4367-8962-d0da0beea52b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-46625", "type": "published-proof-of-concept", "source": "https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j", "content": "", "creation_timestamp": "2026-05-16T05:48:24.000000Z"}, {"uuid": "ef32c352-1ca9-4b93-9fdc-478e955ba6c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46624", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mmtwwhceoy2u", "content": "\ud83d\udccc CVE-2026-46624 - Twenty is an open source CRM. From 1.7.7 through 1.16.7, a critical Remote Code Execution (RCE) vulnerability exists in Twenty CRM via a chained SQL I... https://www.cyberhub.blog/cves/CVE-2026-46624", "creation_timestamp": "2026-05-27T16:37:41.423142Z"}, {"uuid": "b45c9928-8252-47af-82f8-f3756ade7810", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-46621", "type": "published-proof-of-concept", "source": "https://github.com/yamcs/yamcs/security/advisories/GHSA-2g95-6x5q-xjwj", "content": "", "creation_timestamp": "2026-05-21T15:02:27.000000Z"}, {"uuid": "45a9a976-95a4-4ff2-9ba2-b7d412666871", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46625", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mnxtfp7clr23", "content": "CVE-2026-46625 - Prototype Pollution in js-cookie &lt; 3.0.7. CVSS 7.5. Unpatched. Hijacks Object.prototype via __proto__ assignment. Update immediately. #CVE #JavaScript #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-46625/", "creation_timestamp": "2026-06-10T23:09:53.292225Z"}, {"uuid": "ae625fb0-1f1d-45a3-ad4e-ced3f120bb6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46622", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mo26xyzixc2d", "content": "CVE-2026-46622 - SolidInvoice: API tokens stored as plaintext in the database allowing full credential compromise on database breach\nCVE ID : CVE-2026-46622\n \n Published : June 11, 2026, 8:16 p.m. | 1\u00a0hour, 3\u00a0minutes ago\n \n Description : SolidInvoice is an open-source invoicin...", "creation_timestamp": "2026-06-11T21:42:18.277180Z"}, {"uuid": "31920c73-212e-45e0-8aa4-023c3fd9bf68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46622", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moc3io7van2x", "content": "\ud83d\udfe0 CVE-2026-46622 - High (8.1)\n\nSolidInvoice is an open-source invoicing platform. Prior to version 2.3.17, API tokens used to au...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-46622/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-15T01:01:21.272118Z"}, {"uuid": "721148ec-814f-4e8a-88ec-f61dfd588c21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46621", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqroqkzgbc2j", "content": "CVE-2026-46621 - org.yamcs:yamcs-core\nAn attacker with permission to update mission databases can exploit Yamcs by inserting malicious code into Python algorithms. This allows them to run commands on the server,\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#yamcs #Java #CVE #infosec", "creation_timestamp": "2026-07-16T16:46:05.807082Z"}, {"uuid": "c9fe9e68-ad0d-4c02-b043-d119391233ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46621", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqrxcl3oag2n", "content": "CVE-2026-46621 - Yamcs: Authenticated Remote Code Execution (RCE) via Jython Algorithm Code Injection\nCVE ID : CVE-2026-46621\n \n Published : July 16, 2026, 5:16 p.m. | 1\u00a0hour, 17\u00a0minutes ago\n \n Description : Yamcs is a mission control framework. Prior to 5.12.7, the Yamcs scri...", "creation_timestamp": "2026-07-16T19:19:19.786906Z"}]}