{"vulnerability": "cve-2026-1285", "sightings": [{"uuid": "c5c81cc4-a123-4aa4-9880-cc5bd1830753", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-1285", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mdxugave7y2b", "content": "", "creation_timestamp": "2026-02-03T17:16:15.256498Z"}, {"uuid": "82cbeec5-baba-4118-a124-2da76c3f8c10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-1285", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mdxut4xnuz2h", "content": "", "creation_timestamp": "2026-02-03T17:23:21.943071Z"}, {"uuid": "1c8dedfb-810d-430a-8cf7-b50c6d1819ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-1285", "type": "seen", "source": "https://seclists.org/oss-sec/2026/q1/141", "content": "", "creation_timestamp": "2026-02-03T15:53:03.000000Z"}, {"uuid": "97f4c111-1255-4e69-a2ec-954e4512ede5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-12851", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116803556150711396", "content": "CVE-2026-12851: CRITICAL OS command injection in GeoVision GV-I/O Box 4E v2.09 via DVRSearch/Network.cgi allows remote code execution. Patch status pending \u2014 restrict access & monitor endpoints. https://radar.offseq.com/threat/cve-2026-12851-cwe-78-improper-neutralization-of-s-3964552d83f5f479 #OffSeq #Vulnerability #IoTSecurity #CVE #Security", "creation_timestamp": "2026-06-24T06:00:25.798184Z"}, {"uuid": "86994970-1839-448b-81f2-5fc83a91a9bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-12850", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116804971963043616", "content": "CVE-2026-12850: CRITICAL OS command injection in GeoVision GV-I/O Box 4E v2.09 via libNetSetObj.so allows remote code execution. No patch \u2014 restrict access to DVRSearch & Network.cgi. Details: https://radar.offseq.com/threat/cve-2026-12850-cwe-78-improper-neutralization-of-s-4e66118ac7829bb3 #OffSeq #ICS #infosec #vulnerability", "creation_timestamp": "2026-06-24T12:00:30.601342Z"}, {"uuid": "540ecb42-af3b-423e-bcd0-856e8a46e3b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-12850", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mozujnki732w", "content": "GeoVision GV-I/O Box 4E v2.09 hit by CRITICAL OS command injection (CVE-2026-12850). Remote attackers can run OS commands. No patch \u2014 restrict access & monitor for fixes. https://radar.offseq.com/threat/cve-2026-12850-cwe-78-improper-neutralization-of-s-4e66118ac7829bb3 #OffSeq #vulnerability #ICS", "creation_timestamp": "2026-06-24T12:00:31.151108Z"}]}