{"vulnerability": "CVE-2026-56278", "sightings": [{"uuid": "4820d558-400c-4b93-b4e1-218f48ffbb7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56278", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpkjkz7hy72o", "content": "CVE-2026-56278 - Flowise - Session Hijacking via Weak Default Express Session Secret\nCVE ID : CVE-2026-56278\n \n Published : June 30, 2026, 10:08 p.m. | 3\u00a0hours, 4\u00a0minutes ago\n \n Description : Flowise before 3.1.0 (affected versions 3.0.13 and earlier) uses a weak hardcoded def...", "creation_timestamp": "2026-07-01T02:59:40.779486Z"}, {"uuid": "a7713221-4f5a-4b75-ba1f-82cb694d1682", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56278", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpzl46bhfg2b", "content": "\ud83d\udccc CVE-2026-56278 - Flowise before 3.1.0 (affected versions 3.0.13 and earlier) uses a weak hardcoded default secret ('flowise') for the express-session middleware when t... https://www.cyberhub.blog/cves/CVE-2026-56278", "creation_timestamp": "2026-07-07T02:37:06.497953Z"}]}