{"vulnerability": "cve-2026-11420", "sightings": [{"uuid": "22d8c111-cd66-45b7-b5e1-5d9805113269", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11420", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnkzghaetw27", "content": "CVE-2026-11420 - Path Traversal in Altium Enterprise Server NIS Allows Unauthenticated Arbitrary File Write and File Read\nCVE ID : CVE-2026-11420\n \n Published : June 5, 2026, 8:17 p.m. | 15\u00a0minutes ago\n \n Description : Two path traversal vulnerabilities in the Network Installa...", "creation_timestamp": "2026-06-05T20:53:04.530882Z"}, {"uuid": "f400ad6e-bed9-4fe1-96cf-cfef7d993988", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11420", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116700926764613870", "content": "\ud83d\udd34 CRITICAL: Altium Enterprise Server (NIS) path traversal (CVE-2026-11420, CVSS 10) lets unauth'd attackers write/read files, leading to RCE risk. Restrict access; monitor for vendor patches. Altium 365 not affected. https://radar.offseq.com/threat/cve-2026-11420-cwe-22-improper-limitation-of-a-pat-24b2eaa0 #OffSeq #vuln #infosec #CVE202611420", "creation_timestamp": "2026-06-06T03:00:41.020544Z"}, {"uuid": "7a1c2de3-265d-4a8c-9f88-c96bfc91f033", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11420", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnlnxeyhpo2f", "content": "Altium Enterprise Server faces CRITICAL path traversal (CVSS 10). Unauth'd attackers can write/read files, risking RCE. Restrict NIS access &amp; watch for patches. Cloud not affected. https://radar.offseq.com/threat/cve-2026-11420-cwe-22-improper-limitation-of-a-pat-24b2eaa0 #OffSeq #security #CVE20...", "creation_timestamp": "2026-06-06T03:00:44.507401Z"}, {"uuid": "b4dad5f6-9f02-4780-aa5a-0829ef54539c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11420", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motx5v4qxl2b", "content": "\ud83d\udea8  ALERT: CVE-2026-11420\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nTwo path traversal vulnerabilities in the Network Installation Service (NIS) of Altium Enterprise Server allow an unauthenticated network attacker to write arbitrary files to any writable location on the server filesystem and to read package archi", "creation_timestamp": "2026-06-22T03:31:38.599603Z"}]}