{"vulnerability": "CVE-2026-5844", "sightings": [{"uuid": "a9d51b09-606f-448a-b08f-b187196d8c53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5844", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116373220738589930", "content": "", "creation_timestamp": "2026-04-09T06:00:29.051946Z"}, {"uuid": "1a7c085b-dc4d-419b-8136-8c92f16be750", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5844", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mj24xwfqqm2y", "content": "", "creation_timestamp": "2026-04-09T06:00:30.250830Z"}, {"uuid": "c8b62ea3-6cb6-4a85-9b29-f16895067d91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5844", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mj2apnrpfg25", "content": "", "creation_timestamp": "2026-04-09T07:07:27.628254Z"}, {"uuid": "db2fa339-9078-4dc1-bf9e-5422dece59cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-5844", "type": "seen", "source": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-5844", "content": "", "creation_timestamp": "2026-04-08T20:16:06.000000Z"}, {"uuid": "4c0ef62a-af82-483a-8114-f741ec4e4e71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5844", "type": "published-proof-of-concept", "source": "Telegram/PMg85ruQxGJV3fewnx4iF85fyDu3eKOw9onWzzjaoGbfReM", "content": "", "creation_timestamp": "2026-04-09T07:17:08.000000Z"}, {"uuid": "acba2688-e924-468d-9302-33e2fafebcf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58447", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpjz2m5zsw2s", "content": "CVE-2026-58447 - Invidious - Cross-User Playlist Video Deletion via Missing Ownership Check\nCVE ID : CVE-2026-58447\n \n Published : June 30, 2026, 9:05 p.m. | 40\u00a0minutes ago\n \n Description : Invidious through 2.20260626.0, fixed in commit 77ad416, contains a broken object level...", "creation_timestamp": "2026-06-30T22:04:10.647150Z"}, {"uuid": "11f3617e-b995-47fe-b0a5-91d9343f6a2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58446", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpk227pixu2k", "content": "CVE-2026-58446 - Presenton\nCVE ID : CVE-2026-58446\n \n Published : June 30, 2026, 9:05 p.m. | 41\u00a0minutes ago\n \n Description : Presenton before 0.8.8-beta bundles an MCP server that, on server/Docker deployments configured with session authentication (AUTH_USERNAME/AUTH_PASSWORD...", "creation_timestamp": "2026-06-30T22:21:57.271344Z"}, {"uuid": "f232b7ac-9f5c-462f-a6e9-2d3cdb668679", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58449", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpk2bvcfe326", "content": "CVE-2026-58449 - txtai - Unauthenticated Remote Code Execution via Unsafe Reflection in API /reindex function Parameter\nCVE ID : CVE-2026-58449\n \n Published : June 30, 2026, 9:06 p.m. | 39\u00a0minutes ago\n \n Description : txtai through 9.10.0, fixed in commit 11b32da, exposes an A...", "creation_timestamp": "2026-06-30T22:26:10.716143Z"}, {"uuid": "6a3e8744-7daa-48a5-8edc-f502224e4bed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58448", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpk2ttlbxv2h", "content": "CVE-2026-58448 - yudao-cloud\nCVE ID : CVE-2026-58448\n \n Published : June 30, 2026, 9:06 p.m. | 40\u00a0minutes ago\n \n Description : yudao-cloud before 2026.06 contains a broken access control vulnerability in the BPM module that allows any authenticated user to access arbitrary pro...", "creation_timestamp": "2026-06-30T22:36:10.907658Z"}, {"uuid": "ec86706b-3929-48c4-9ae4-421efea579f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58448", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmuxtxbit2o", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-58448 \u0432 Yudao-Cloud: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/F422B707-FAA7-4574-B464-319BFD44F9B2", "creation_timestamp": "2026-07-02T01:29:02.698038Z"}, {"uuid": "9a000047-69b7-4511-ab84-009502628ccd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58449", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mpovld6x432e", "content": "CVE-2026-58449\ntxtai versions 9.10.0 and earlier have a security risk if you're using an unauthenticated API and allowing remote index updates. A malicious user could potentially execute code on your server when reindexing.\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-02T20:45:15.884455Z"}, {"uuid": "20eda4e3-b8c4-4066-8d02-2aaec652e014", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58447", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpqcc3wwhe27", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-58447 \u0432 Invidious: \u0447\u0442\u043e \u044d\u0442\u043e \u0442\u0430\u043a\u043e\u0435 \u0438 \u043a\u0430\u043a \u043e\u043d\u0430 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439\n\n\n\nhttps://kripta.biz/posts/9B8169B5-3F0F-4740-9103-1FFD6415511B", "creation_timestamp": "2026-07-03T10:05:23.807277Z"}]}