{"vulnerability": "CVE-2026-48611", "sightings": [{"uuid": "7a52740a-98bb-4653-834b-90d8105a51f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mo2xhfwjef24", "content": "\ud83d\udd34 CVE-2026-48611 - Critical (9.8)\n\nImproper authentication checks in the OAuth implementation allow account hijacking even when OAut...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-48611/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-12T05:00:25.771993Z"}, {"uuid": "35ca5189-c5fd-459b-9810-306d1bc3f230", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mo2zi7lj7g2b", "content": "CVE-2026-48611 - Google OAuth Account Hijacking Vulnerability\nCVE ID : CVE-2026-48611\n \n Published : June 12, 2026, 4:17 a.m. | 49\u00a0minutes ago\n \n Description : Improper authentication checks in the OAuth implementation allow account hijacking even when OAuth is not configured ...", "creation_timestamp": "2026-06-12T05:36:39.457402Z"}, {"uuid": "eafd2b2b-58c3-452a-8809-b3c12bc6ed8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/ROllerozxa.hachyderm.io.ap.brid.gy/post/3mo4fv2jki6o2", "content": "Apparently there is a critical #phpBB vulnerability (CVE-2026-48611) that allows anyone to hijack user accounts on any forum with a vulnerable version that has mostly flown under the radar. Someone on a forum I frequent managed to log into the admin account to demonstrate it.\n\nThe fix seems to [\u2026]", "creation_timestamp": "2026-06-12T18:51:21.894384Z"}, {"uuid": "b2af75be-7bee-4ddc-aada-4b258ec4f3fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48611", "type": "published-proof-of-concept", "source": "https://www.aikido.dev/blog/authentication-bypass-phpbb-technical-writeup", "content": "", "creation_timestamp": "2026-07-03T04:00:54.957519Z"}, {"uuid": "8a20348a-ba0c-4101-ac56-1389b9d5abb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3mpsqqmdovk2k", "content": "\ud83d\udc49 PTT-2026-004 (CVE-2026-48611, 9.4): the PoC shows the full path from a single crafted request to a valid admin session. No credentials that work, no prior access, no user interaction. Just the request and the session cookie that _shouldn't_ exist.\n\nAND", "creation_timestamp": "2026-07-04T09:29:28.358277Z"}, {"uuid": "058122fe-b188-49bb-bda8-a9844b365d0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3mpsqqogfo22k", "content": "\ud83d\udc49 PTT-2026-004 (CVE-2026-48611, 9.4): the PoC shows the full path from a single crafted request to a valid admin session. No credentials that work, no prior access, no user interaction. Just the request and the session cookie that _shouldn't_ exist.\n\nAND", "creation_timestamp": "2026-07-04T09:29:29.216939Z"}, {"uuid": "195ee082-8598-46f1-948a-8df61571c3dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3mpsqqpiqcc2k", "content": "\ud83d\udc49 PTT-2026-004 (CVE-2026-48611, 9.4): the PoC shows the full path from a single crafted request to a valid admin session. No credentials that work, no prior access, no user interaction. Just the request and the session cookie that _shouldn't_ exist.\n\nAND", "creation_timestamp": "2026-07-04T09:29:30.084249Z"}, {"uuid": "3d1ba36a-7ec6-48e9-8255-014c82f4c1a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48611", "type": "seen", "source": "https://bsky.app/profile/netalexx.bsky.social/post/3mpszfmkkxc2i", "content": "phpBB PTT-2026-004 (CVE-2026-48611) requires a single unauthenticated HTTP request and works on default phpBB installations. PTT-2026-005 (CVE-2026-48612) requires phpBB to have OAuth configured", "creation_timestamp": "2026-07-04T12:04:19.673743Z"}]}