{"vulnerability": "CVE-2026-5542", "sightings": [{"uuid": "dd63280c-be08-4380-8a9d-07409546da3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5542", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3miqcofacya2o", "content": "", "creation_timestamp": "2026-04-05T08:15:55.095786Z"}, {"uuid": "f9330779-be3d-4b46-88bd-5b0b90739ee8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55426", "type": "published-proof-of-concept", "source": "https://github.com/Linuxfabrik/monitoring-plugins/security/advisories/GHSA-798h-hpph-m24j", "content": "", "creation_timestamp": "2026-07-06T22:35:11.893462Z"}, {"uuid": "d41c5b6b-b447-431a-891c-0fbbba8ad462", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55427", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq46e2c6zy2t", "content": "CVE-2026-55427 - Coder vulnerable to SSH config injection via unsanitized server-supplied values in `coder config-ssh`\nCVE ID : CVE-2026-55427\n \n Published : July 8, 2026, 12:16 a.m. | 2\u00a0hours, 58\u00a0minutes ago\n \n Description : Coder allows organizations to provision remote deve...", "creation_timestamp": "2026-07-08T03:26:51.851444Z"}, {"uuid": "882a9cc2-a086-4663-85ff-6067936599ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55428", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq46mypl2d2k", "content": "CVE-2026-55428 - Coder: Route hijacking through lack of validation of agent-supplied AllowedIPs in tailnet coordinator\nCVE ID : CVE-2026-55428\n \n Published : July 8, 2026, 12:16 a.m. | 2\u00a0hours, 58\u00a0minutes ago\n \n Description : Coder allows organizations to provision remote deve...", "creation_timestamp": "2026-07-08T03:31:51.842746Z"}, {"uuid": "43facbf9-5a58-4f13-bc46-b207b5e8d9d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55429", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq46vx56ta24", "content": "CVE-2026-55429 - Coder's workspace app upsert allows cross-workspace agent rebinding via user-controlled app ID\nCVE ID : CVE-2026-55429\n \n Published : July 8, 2026, 12:16 a.m. | 2\u00a0hours, 58\u00a0minutes ago\n \n Description : Coder allows organizations to provision remote development...", "creation_timestamp": "2026-07-08T03:36:52.029982Z"}, {"uuid": "483d6142-e5a8-4fdc-aa9c-b0e0f639de6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55429", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mqa2y2ktgq25", "content": "\ud83d\udccc CVE-2026-55429 - Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, `UpsertWo... https://www.cyberhub.blog/cves/CVE-2026-55429", "creation_timestamp": "2026-07-09T16:37:07.045779Z"}]}