{"vulnerability": "cve-2026-1138", "sightings": [{"uuid": "77abc5cb-d059-4fe7-8838-71f1e0a2f295", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-1138", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mcqxtdxnou2i", "content": "", "creation_timestamp": "2026-01-19T06:03:21.100967Z"}, {"uuid": "9f473f46-e71c-4ccb-85b5-8d836cd6b2d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-1138", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mcr365dfth2v", "content": "", "creation_timestamp": "2026-01-19T07:03:06.172001Z"}, {"uuid": "f8cc3fc6-a243-4a35-8871-e28c02c628ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11387", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpl6rdwfr22q", "content": "\u0423\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438: CVE-2026-11387 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 SMS Alert \u0434\u043b\u044f WooCommerce\n\n\n\nhttps://kripta.biz/posts/F7FDF774-D82B-4EED-94DE-9DB9FBD2DBED", "creation_timestamp": "2026-07-01T09:19:02.592492Z"}, {"uuid": "f7de6d23-8280-47d4-9064-9c0bd66ae0db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11387", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116844254575740206", "content": "CVE-2026-11387 | SMS Alert \u2013 SMS &amp; OTP for WooCommerce &lt;=3.9.5 has a CRITICAL auth flaw (CVSS 9.8): Unauth attackers can take over any WP account if OTP resets &amp; phone numbers are enabled. Disable OTP resets ASAP. https://radar.offseq.com/threat/cve-2026-11387-cwe-287-improper-authentication-in--cb792a6868247a84 #OffSeq #WordPress #Infosec", "creation_timestamp": "2026-07-01T10:30:34.645846Z"}, {"uuid": "b571aafa-f464-47b6-b2c4-3bf9748b63e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11387", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mplcrcszoe25", "content": "CRITICAL (CVSS 9.8): cozyvision1 SMS Alert \u2013 SMS &amp; OTP for WooCommerce &lt;=3.9.5 lets unauth attackers hijack accounts via OTP flaw. Disable OTP resets or remove phone numbers until patched. https://radar.offseq.com/threat/cve-2026-11387-cwe-287-improper-authentication-in--cb792a6868247a84 #OffSeq ...", "creation_timestamp": "2026-07-01T10:30:36.578111Z"}, {"uuid": "733f7773-b93e-47d1-885a-609652e43364", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11387", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mplgltzcv426", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-11387 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 SMS Alert \u0434\u043b\u044f WooCommerce: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/86C9D953-6481-4ADE-A6D1-384AF0E54E5A", "creation_timestamp": "2026-07-01T11:39:07.910135Z"}, {"uuid": "9eed3fbb-9d68-49fb-b9f0-b7b6114a872f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11387", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpljs5udtb26", "content": "CVE-2026-11387 - SMS Alert\nCVE ID : CVE-2026-11387\n \n Published : July 1, 2026, 7:53 a.m. | 3\u00a0hours, 53\u00a0minutes ago\n \n Description : The SMS Alert \u2013 SMS &amp; OTP for WooCommerce, Order Notifications &amp; Abandoned Cart Recovery plugin for WordPress is vulnerable to privilege...", "creation_timestamp": "2026-07-01T12:36:20.225679Z"}, {"uuid": "d60efd72-c26e-4ddd-a1bf-5dcf068a76d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11380", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mplkfad56s26", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-11380 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 JetWidgets For Elementor: \u0443\u0433\u0440\u043e\u0437\u0430 \u0434\u043b\u044f \u0441\u0430\u0439\u0442\u043e\u0432 \u043d\u0430 WordPress\n\n\n\nhttps://kripta.biz/posts/FB3D117B-1D7F-45F0-8799-978AA35CCC90", "creation_timestamp": "2026-07-01T12:47:00.487439Z"}, {"uuid": "108e3323-ad7f-4879-bb33-89aa8917e1b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11380", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmjioyorz2t", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-11380 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 JetWidgets \u0434\u043b\u044f Elementor: \u0443\u0433\u0440\u043e\u0437\u0430 \u0434\u043b\u044f \u0441\u0430\u0439\u0442\u043e\u0432 \u043d\u0430 WordPress\n\n\n\nhttps://kripta.biz/posts/09B49068-EEB5-4154-A424-C9079230CFC0", "creation_timestamp": "2026-07-01T22:03:42.656862Z"}, {"uuid": "76a230a6-9e53-4500-85d4-0b42178aeaf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11387", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mpmpyzycc22h", "content": "Anyone can reset any user password. Admin accounts included. CVE-2026-11387 (CVSS 9.8). SMS Alert plugin through 3.9.5 doesn't validate identity before password resets. Your site is takeover-ready.\n\nUpdate to 3.9.5 now. Scan your WordPress site: pulse-wp.com\n#WordPress #AccessControl #CyberSecurity", "creation_timestamp": "2026-07-02T00:00:15.239268Z"}, {"uuid": "2a62ff1c-3aca-4491-aaea-728653a1ac0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11380", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3mpt5ebham42a", "content": "CVE-2026-11380 jetwidgets-for-elementor (CVSS Score 6.4) \n\n#WordPress plugin #vulnerability #cybersecurity #wordpressfirewall #hacking #wpsecurity #atomicedge #cybersecurity #malware #vulnerabilityresearch #cve #redteam #proofofconcept", "creation_timestamp": "2026-07-04T13:15:07.606502Z"}, {"uuid": "907d7baa-64f2-4453-83d0-85684fdfad4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11386", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqrehj3yns2w", "content": "CVE-2026-11386\nThe Canonical ubuntu-pro-client software can be tricked into installing malicious packages on Ubuntu servers, potentially allowing an attacker to execute code with root access. This issue affects preinstalled\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-16T13:42:04.871056Z"}, {"uuid": "c3f261b5-5e77-4a38-b38d-4924c8d23990", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11386", "type": "seen", "source": "https://bsky.app/profile/malwareobserver.bsky.social/post/3mqrglhi4kn2l", "content": "\ud83d\udc1b VULNERABILITIES CVE Notify: \ud83d\udea8 [CVE-2026-11386](https://ubuntu.com/security/CVE-2026-11386)\nAn input validation and injection vu...\nhttps://ubuntu.com/security/CVE-2026-11386 #PatchManagement #Vulnerability #CVE", "creation_timestamp": "2026-07-16T14:20:05.657622Z"}, {"uuid": "dfdd6094-f9fb-4b7a-a65d-fea6d898719a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11386", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqrjxybz3a2o", "content": "CVE-2026-11386 - ubuntu-pro-client Input Validation Vulnerability Leading to Arbitrary APT Directive Injection and Remote Code Execution\nCVE ID : CVE-2026-11386\n \n Published : July 16, 2026, 1:16 p.m. | 1\u00a0hour, 18\u00a0minutes ago\n \n Description : An input validation and injection ...", "creation_timestamp": "2026-07-16T15:20:46.061542Z"}, {"uuid": "cfc6b5c0-4fd5-443f-ae08-2402c82ac5f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11386", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqrp37vpr72x", "content": "CVE-2026-11386 - ubuntu-advantage-tools\nA security risk exists in Canonical ubuntu-pro-client software. An attacker could manipulate a contract response to inject malicious package information,\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#canonical #Ubuntu2204LTS #CVE #infosec", "creation_timestamp": "2026-07-16T16:52:03.851799Z"}, {"uuid": "dc3ace3c-e5e8-47fe-9fd2-a7c16aaa8281", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11387", "type": "seen", "source": "Telegram/MkaIkROVQpeeF9JtM073PqkfEmOmst-NpG-Pr_p1mApowTg", "content": "", "creation_timestamp": "2026-07-16T19:00:23.174359Z"}, {"uuid": "c867171d-4118-4a29-bef2-7e6362b0e837", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11386", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116932374467367447", "content": "CRITICAL vuln in ubuntu-pro-client &lt;37.2ubuntu~22.04.1: contract server manipulation can inject malicious APT config &amp; install arbitrary packages as root. Preinstalled on Ubuntu Pro images. Patch status TBD. Details: https://radar.offseq.com/threat/ubuntu-cve-2026-11386-a076c116b384b281 #OffSeq #Ubuntu #LinuxSec #Vulnerability", "creation_timestamp": "2026-07-17T00:00:38.053492Z"}, {"uuid": "5d6af9cf-672d-438c-9a45-975651dbd946", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11386", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqsgzm7l7j2t", "content": "ubuntu-pro-client (ubuntu-advantage-tools) CRITICAL vuln: attackers can inject APT config and install root-level packages by manipulating contract server responses. Default on Ubuntu Pro images. Patch TBD. More: https://radar.offseq.com/threat/ubuntu-cve-2026-11386-a076c116b384b281 #OffSeq #Linux...", "creation_timestamp": "2026-07-17T00:00:39.363923Z"}, {"uuid": "ed4ac0d9-805e-4911-ad25-a764e2a5fbe3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11387", "type": "seen", "source": "Telegram/MkaIkROVQpeeF9JtM073PqkfEmOmst-NpG-Pr_p1mApowTg", "content": "", "creation_timestamp": "2026-07-17T01:00:21.246338Z"}, {"uuid": "a368b1ce-4f97-4297-9fde-3a3f0849f436", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11386", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116936433039987085", "content": "Some increased actor activities are shown targeting Canonical ubuntu-pro-client (CVE-2026-11386) https://vuldb.com/vuln/379514/cti", "creation_timestamp": "2026-07-17T17:12:45.954751Z"}, {"uuid": "dc1a5d73-b08e-44c6-a0f7-66655adff18e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11387", "type": "published-proof-of-concept", "source": "Telegram/MkaIkROVQpeeF9JtM073PqkfEmOmst-NpG-Pr_p1mApowTg", "content": "", "creation_timestamp": "2026-07-18T00:00:10.800342Z"}, {"uuid": "4191638c-d8f8-4f76-8965-3bd9e9401f32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11386", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mqvtzsdbt22c", "content": "Ubuntu Pro Client vulnerability CVE-2026-11386 (CVSS 9.0) lets a spoofed contract server inject APT sources and run code with root privileges.\n\n#Ubuntu #UbuntuPro #CVE202611386 #Canonical #RCE #Linux #CyberSecurity", "creation_timestamp": "2026-07-18T08:31:23.433260Z"}]}