{"vulnerability": "CVE-2026-54433", "sightings": [{"uuid": "e9a2757a-1842-474a-a732-b3f78a134edd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54433", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mpyab3woyr2p", "content": "\ud83d\udd17 CVE : CVE-2026-54432, CVE-2026-54433", "creation_timestamp": "2026-07-06T13:50:20.838129Z"}, {"uuid": "4dda02a8-e53f-4bce-a943-207f1f54e2c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54433", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mq7vmy67ro2v", "content": "A Roundcube zero-click XSS, CVE-2026-54433, lets an email run script with no click. Roundcube 1.7.2 also fixes a second stored XSS. Update now.\n\n#Roundcube #XSS #ZeroClick #Webmail #StoredXSS #CyberSecurity #Vulnerability #InfoSec", "creation_timestamp": "2026-07-09T15:01:27.199485Z"}]}