{"vulnerability": "cve-2026-1064", "sightings": [{"uuid": "d6ec4466-c6a8-475e-9f60-da43f8e2aa9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-1064", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mcnrub2oks25", "content": "", "creation_timestamp": "2026-01-17T23:38:29.319262Z"}, {"uuid": "24b24679-9e6a-4907-9825-ade45d67dfce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10649", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mog75re27c2i", "content": "Pacemaker: Denial of Service via integer overflow in remote message decompression (CVE-2026-10649)", "creation_timestamp": "2026-06-16T16:17:28.413838Z"}, {"uuid": "2025f6e0-b41d-4ccd-a860-542c3d3320e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10649", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogfdqcdp72j", "content": "CVE-2026-10649 - Pacemaker: pacemaker: denial of service via integer overflow in remote message decompression\nCVE ID : CVE-2026-10649\n \n Published : June 16, 2026, 3:57 p.m. | 1\u00a0hour, 11\u00a0minutes ago\n \n Description : A flaw was found in Pacemaker. An unauthenticated remote atta...", "creation_timestamp": "2026-06-16T18:08:11.199041Z"}, {"uuid": "5ae93b04-cbe8-4403-b71f-46834e95323b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10649", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mohd3yx7u32f", "content": "\ud83d\udfe0 CVE-2026-10649 - High (8.6)\n\nA flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-10649/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-17T03:00:44.949163Z"}, {"uuid": "9cd11846-485c-4434-b343-801c37a0ef69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10643", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpcul4yxzq2b", "content": "CVE-2026-10643 - Out-of-bounds heap write in Zephyr `recvmsg()` ancillary-data path (`insert_pktinfo` undersizes the control-buffer capacity check)\nCVE ID : CVE-2026-10643\n \n Published : June 27, 2026, 10:59 p.m. | 2\u00a0hours, 12\u00a0minutes ago\n \n Description : Zephyr's IP socket re...", "creation_timestamp": "2026-06-28T01:55:18.206368Z"}, {"uuid": "d399fc91-c6fb-4b84-aa26-6d664f388a04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10643", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mpcxhwkbep2l", "content": "\u8106\u5f31\u6027: **[\u88fd\u54c1\u540d] [\u30d0\u30fc\u30b8\u30e7\u30f3]** \u3067\u3001**[\u8106\u5f31\u6027\u306e\u5185\u5bb9]** \u304c\u5b58\u5728\u3002**[\u5f71\u97ff\u3092\u53d7\u3051\u308b\u5bfe\u8c61]** \u304c **[\u653b\u6483\u8005\u304c\u53ef\u80fd\u306b\u306a\u308b\u884c\u70ba]** \u3092\u884c\u3046\u53ef\u80fd\u6027\u304c\u3042\u308b\u3002\nCVE-2026-10643 CVSS 8.7 | HIGH", "creation_timestamp": "2026-06-28T02:47:12.309557Z"}, {"uuid": "c09c1629-69f6-411c-8c72-f4637630d0d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10646", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mpdcbiet3q2v", "content": "Zephyr (4.0.0 \u2013 4.4.0) faces a HIGH severity use-after-free vuln (CVE-2026-10646). Attackers can trigger crashes via spoofed DNS replies. Patch pending \u2014 review exposure now. https://radar.offseq.com/threat/cve-2026-10646-use-after-free-in-zephyrproject-zep-22335ff5e2d4e43d #OffSeq #Zephyr #Vuln", "creation_timestamp": "2026-06-28T06:00:28.295415Z"}, {"uuid": "3fe4d3f3-1176-4d73-8dea-6afedfbc0046", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10643", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mpdce53ubv2c", "content": "\ud83d\udfe0 CVE-2026-10643 - High (8.7)\n\nZephyr's IP socket recvmsg() implementation (subsys/net/lib/sockets/sockets_inet.c, insert_pktinf...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-10643/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-28T06:01:56.732659Z"}, {"uuid": "a54d24e2-8abb-43aa-8a33-e25146c2c14c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10644", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpddbuvvkh2o", "content": "CVE-2026-10644 - Out-of-bounds write in Microchip SERCOM-G1 (PIC32CM-JH) async UART RX with 1-byte buffer\nCVE ID : CVE-2026-10644\n \n Published : June 28, 2026, 4:02 a.m. | 1\u00a0hour, 42\u00a0minutes ago\n \n Description : The Microchip SERCOM-G1 UART driver (drivers/serial/uart_mchp_ser...", "creation_timestamp": "2026-06-28T06:18:33.680909Z"}, {"uuid": "28033294-6171-4c25-bed0-2fdcf0a743bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10646", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpddktd5em27", "content": "CVE-2026-10646 - Use-after-return in `zsock_getaddrinfo()` when a timed-out DNS query is retried without cancellation\nCVE ID : CVE-2026-10646\n \n Published : June 28, 2026, 4:04 a.m. | 1\u00a0hour, 41\u00a0minutes ago\n \n Description : Zephyr's BSD-sockets getaddrinfo() implementation (su...", "creation_timestamp": "2026-06-28T06:23:34.113505Z"}, {"uuid": "7aa1ca41-e660-41ae-8747-8567e90f9385", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10646", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mpdfhoopcg2d", "content": "Zephyr v4.0.0-v4.4.0\u306egetaddrinfo()\u5b9f\u88c5\u306b\u3001DNS\u30af\u30a8\u30ea\u3067\u30b9\u30bf\u30c3\u30af\u9818\u57df\u3092\u8aa4\u3063\u3066\u4f7f\u7528\u3059\u308b\u8106\u5f31\u6027\u304c\u3042\u308b\u3002\u653b\u6483\u8005\u306f\u3053\u308c\u3092\u5229\u7528\u3057\u3001\u30b5\u30fc\u30d3\u30b9\u59a8\u5bb3\u3084\u30e1\u30e2\u30ea\u7834\u58ca\u3092\u5f15\u304d\u8d77\u3053\u3059\u53ef\u80fd\u6027\u304c\u2026\nCVE-2026-10646 CVSS 7.4 | HIGH", "creation_timestamp": "2026-06-28T06:57:36.208420Z"}, {"uuid": "4f998af2-1ce3-4fcc-a532-6b00f4f533ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10643", "type": "seen", "source": "https://bsky.app/profile/cybersecinsight.bsky.social/post/3mpdvbihlkn2s", "content": "\ud83d\udd0d Vulnerability Spotlight | Part 2/3\n\n\u26a0\ufe0f CVE-2026-10643\n\nZephyr's IP socket recvmsg() implementation (subsys/net/lib/sockets/sockets_inet.c, insert_pktinfo()) validated the user-supplied ancillary (msg_co...", "creation_timestamp": "2026-06-28T11:40:28.138426Z"}, {"uuid": "9a45f14a-02d6-465b-8a63-4c376db719f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10643", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mpfgzudnqx2d", "content": "Top 3 CVE for last 7 days:\nCVE-2026-55200: 45 interactions\nCVE-2026-47729: 36 interactions\nCVE-2026-8461: 35 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-58053: 4 interactions\nCVE-2026-10643: 3 interactions\nCVE-2026-58049: 3 interactions\n", "creation_timestamp": "2026-06-29T02:30:59.418059Z"}, {"uuid": "da79f413-8742-41be-9185-3cf580335b57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10646", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mpfphxar7f26", "content": "Daily IT Security Digest \u2014 2026-06-29\nSystem (CVSS 6.9). Tenda JD12L routers have a HIGH severity stack buffer overflow (CVE-2026-13517, CVSS ~7.5) exploitable remotely. Meanwhile, Zephyr RTOS 4.0.0\u20134.4.0 has CVE-2026-10646 (CVSS 7.4), a use-after-free in getaddrinfo().", "creation_timestamp": "2026-06-29T05:02:01.919234Z"}, {"uuid": "7530474b-2a2c-4116-bd98-963d55cc2386", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10646", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mphe6lcdtf25", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-10646 \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 getaddrinfo() \u0432 Zephyr: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/C564DED5-D5CF-424D-BC7F-ACF27E5F6442", "creation_timestamp": "2026-06-29T20:45:15.540420Z"}, {"uuid": "a6ac67d5-43ab-4330-9467-ab67afef76c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10643", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpheggud642y", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-10643 \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 recvmsg() \u0434\u043b\u044f IP-\u0441\u043e\u043a\u0435\u0442\u043e\u0432 \u0432 Zephyr: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/46F1A8D2-B780-4412-8CCD-D92486E7F1EB", "creation_timestamp": "2026-06-29T20:49:39.464804Z"}, {"uuid": "71bbdcd7-80b9-4ae4-84de-1490bcece0e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10644", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mphewshmpk2o", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-10644 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Microchip SERCOM-G1: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/B86F168E-0637-42EB-B3DB-B11B09B30D46", "creation_timestamp": "2026-06-29T20:58:48.349791Z"}, {"uuid": "2926fb63-64c8-4937-9890-f09de7a5d2db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10647", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpho7uinjr2g", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-10647 \u0432 USB CDC-NCM: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/509DE01C-45F7-4C42-87C3-7672DBF0D07B", "creation_timestamp": "2026-06-29T23:44:56.185330Z"}, {"uuid": "17f32d14-9595-404f-806c-125c154385cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10648", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mphoxnxguj2q", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-10648 \u0432 mcumgr_serial_process_frag(): \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043c\u0438\u043a\u0440\u043e\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u0432\n\n\n\nhttps://kripta.biz/posts/CF01D577-BE2B-4D9E-90E6-2F257332E114", "creation_timestamp": "2026-06-29T23:58:14.610691Z"}, {"uuid": "81d7e2a7-8935-458a-a59f-ff19ac527352", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10648", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mphvjll4t22o", "content": "CVE-2026-10648 - NULL-pointer dereference in MCUmgr serial/console SMP transport on buffer-pool exhaustion\nCVE ID : CVE-2026-10648\n \n Published : June 29, 2026, 10:51 p.m. | 2\u00a0hours, 54\u00a0minutes ago\n \n Description : mcumgr_serial_process_frag() in subsys/mgmt/mcumgr/transport/s...", "creation_timestamp": "2026-06-30T01:55:38.736062Z"}, {"uuid": "5b42ddd2-78f0-430a-8bb1-6cf90af61e99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10649", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mpltf4ir3c2r", "content": "O Patch SUSE-2026-2716-1 para Pacemaker: CVE-2026-10649 (integer overflow \u2192 DoS) corrigida em SLES 15 SP6 e openSUSE Leap 15.6.  Saiba mais: -&gt; tinyurl.com/mrx2bcrt  #SUSE", "creation_timestamp": "2026-07-01T15:28:01.695622Z"}, {"uuid": "49f183ac-18cc-4554-ac8a-0ee33e3da139", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10649", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mpltf5cffc2r", "content": "O Patch SUSE-2026-2716-1 para Pacemaker: CVE-2026-10649 (integer overflow \u2192 DoS) corrigida em SLES 15 SP6 e openSUSE Leap 15.6.  Saiba mais: -&gt; tinyurl.com/mrx2bcrt  #SUSE", "creation_timestamp": "2026-07-01T15:28:02.150518Z"}]}