{"vulnerability": "CVE-2026-5865", "sightings": [{"uuid": "83511a8a-bab3-4759-8859-d4425389f6ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-5865", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities_20260409", "content": "", "creation_timestamp": "2026-04-08T18:00:00.000000Z"}, {"uuid": "5f830349-5cf6-4888-bbea-974e5abc0864", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-5865", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities_20260413", "content": "", "creation_timestamp": "2026-04-12T20:00:00.000000Z"}, {"uuid": "e6626952-a015-4ba6-8463-4eb7e23fee81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5865", "type": "seen", "source": "https://www.thezdi.com/blog/2026/4/14/the-april-2026-security-update-review", "content": "", "creation_timestamp": "2026-04-14T15:49:19.000000Z"}, {"uuid": "c69711a9-151b-4caa-b3fb-cdfa631ff69f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5865", "type": "seen", "source": "Telegram/jIyNUYFMW3pmHfoq9aq6pUc_smYQ1DmvyBbDYJMLxbKNE0Y", "content": "", "creation_timestamp": "2026-04-13T18:00:38.000000Z"}, {"uuid": "55bd5667-92f8-4bff-a060-79926757abe9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-5865", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/chromeos-multiple-vulnerabilities_20260428", "content": "", "creation_timestamp": "2026-04-27T20:00:00.000000Z"}, {"uuid": "5097e126-c33a-4822-9f1b-e8ac1390ff61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5865", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3mlcuysq5kz2o", "content": "Tomorrow, we\u2019re releasing the full technical walkthrough for CVE-2026-5865, a chrome v8 0-day found by our AI security agent \"Vega\".\n\nMore Linux kernel and Chrome 0-day writeups are coming later this\u2026\n\n\ud83d\udd01 RT @nebusecurity | reposted by @cyb3rops\nhttps://x.com/nebusecurity/status/2052089801805889897", "creation_timestamp": "2026-05-08T04:22:11.781716Z"}, {"uuid": "36c3d8f4-5f4b-4c14-b27f-0d9ce863a93a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5865", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/83618", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a v8-poc-CVE-2026-5865\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Crihexe\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a JavaScript\n\u2b50 Star\u6570\u91cf\uff1a 1  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-10 06:18:35\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u65e0\u63cf\u8ff0\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-10T07:00:04.000000Z"}, {"uuid": "b966502b-603a-49ab-87ce-e1589a8de7f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58652", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mppo4hmy6r2j", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-58652 \u0432 luci-app-travelmate: \u0443\u0433\u0440\u043e\u0437\u0430 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/2066221B-3EA7-481C-B04E-1CE6919638C5", "creation_timestamp": "2026-07-03T04:04:20.141295Z"}, {"uuid": "85b1cfd0-552b-457b-af31-2794b85c4d4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58653", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mppobtmlft22", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-58653 \u0432 PraisonAI: \u0440\u0438\u0441\u043a\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/BDCE96BD-3222-4933-A408-26AEFE1801D8", "creation_timestamp": "2026-07-03T04:07:20.298578Z"}, {"uuid": "aae171b6-427f-47e5-a154-36d2898cc10b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58653", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpqiy6folx2b", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-58653 \u0432 PraisonAI: \u0440\u0438\u0441\u043a\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/C4154091-E8C7-4EA2-BBEC-76ED0DB403AC", "creation_timestamp": "2026-07-03T12:05:07.129419Z"}, {"uuid": "becd05a0-f8f3-41bc-90ce-0dd92a1de99e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58652", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpqdguittd2n", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-58652 \u0432 luci-app-travelmate: \u0443\u0433\u0440\u043e\u0437\u0430 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/7AD6811B-1C23-413D-8A20-92B3D276367E", "creation_timestamp": "2026-07-03T10:25:57.696226Z"}, {"uuid": "d4b1fd83-cd58-43c5-aea6-dd033afc8691", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58654", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq5iu26zcq2l", "content": "CVE-2026-58654 - Grav - Arbitrary File Upload via Avatar Endpoint\nCVE ID : CVE-2026-58654\n \n Published : July 8, 2026, 2:17 p.m. | 42\u00a0minutes ago\n \n Description : The Grav API plugin (getgrav/grav-plugin-api) 1.0.0 contains an unrestricted file upload vulnerability in the avat...", "creation_timestamp": "2026-07-08T16:07:25.017448Z"}, {"uuid": "410964ae-9b23-4a74-8edf-48778c6c2c47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58656", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq5ks3mgr32k", "content": "CVE-2026-58656 - Grav API Plugin - Cross-Origin Admin Account Takeover via CORS Wildcard and JWT Query Parameter\nCVE ID : CVE-2026-58656\n \n Published : July 8, 2026, 2:17 p.m. | 42\u00a0minutes ago\n \n Description : Grav API plugin before v1.0.0-rc.16 accepts JWT tokens via the ?tok...", "creation_timestamp": "2026-07-08T16:42:06.969451Z"}, {"uuid": "e177d29b-daeb-4709-8fea-ede8b148a8dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58657", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq5ldyi3xf26", "content": "CVE-2026-58657 - Grav - Stored CSS Injection via Markdown Image resize() Action\nCVE ID : CVE-2026-58657\n \n Published : July 8, 2026, 2:17 p.m. | 42\u00a0minutes ago\n \n Description : Grav before 2.0.0 (affected through 2.0.0-rc.9 and the 2.0 branch) contains a stored CSS injection v...", "creation_timestamp": "2026-07-08T16:52:08.148820Z"}]}