{"vulnerability": "cve-2026-1376", "sightings": [{"uuid": "c4019ae8-512e-4b01-8ee9-d926b9f3d698", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-1376", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mhhf3ydzsw2m", "content": "", "creation_timestamp": "2026-03-20T01:40:09.698450Z"}, {"uuid": "62182ecd-5bd6-470d-b38a-4de1ffe43803", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-1376", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mhbzntn3nf2n", "content": "", "creation_timestamp": "2026-03-17T22:32:06.259499Z"}, {"uuid": "29c00608-7340-448b-996c-5d559a71f29c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-1376", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mhcehxyjxf2l", "content": "", "creation_timestamp": "2026-03-18T01:45:39.190532Z"}, {"uuid": "7514ea17-cde0-4112-96ac-f969afa7cf59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13762", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mphiu4vkl324", "content": "Amazon CloudFront\u3067HTTP/2\u30ea\u30af\u30a8\u30b9\u30c8\u306e\u89e3\u91c8\u306b\u4e0d\u6574\u5408\u304c\u3042\u308a\u3001AWS WAF\u306e\u30de\u30cd\u30fc\u30b8\u30c9\u30eb\u30fc\u30eb\u306b\u3088\u308b\u30dc\u30c7\u30a3\u691c\u67fb\u304c\u56de\u907f\u3055\u308c\u308b\u53ef\u80fd\u6027\u304c\u3042\u308b\u3002\nCVE-2026-13762 CVSS 9.8 | CRITICAL", "creation_timestamp": "2026-06-29T22:08:54.093041Z"}, {"uuid": "92b6dac9-3f10-4252-ac66-72c088c2b6b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13763", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mphkvs6ply2x", "content": "CVE-2026-13763 - HTTP/2 Stream Parser Confusion Body-Inspection Bypass in AWS Application Load Balancer with AWS WAF\nCVE ID : CVE-2026-13763\n \n Published : June 29, 2026, 8:03 p.m. | 1\u00a0hour, 8\u00a0minutes ago\n \n Description : Inconsistent interpretation of HTTP/2 requests in AWS A...", "creation_timestamp": "2026-06-29T22:45:37.310576Z"}, {"uuid": "94aca4f2-eb0d-4a64-83a6-72fd04af25c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13762", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mphl6qlfck2s", "content": "CVE-2026-13762 - HTTP/2 Stream Parser Confusion Body-Inspection Bypass in Amazon CloudFront with AWS WAF\nCVE ID : CVE-2026-13762\n \n Published : June 29, 2026, 8:03 p.m. | 1\u00a0hour, 9\u00a0minutes ago\n \n Description : Inconsistent interpretation of HTTP/2 requests in Amazon CloudFront...", "creation_timestamp": "2026-06-29T22:50:37.322450Z"}, {"uuid": "4975dc99-7f5a-4f63-be9d-ab28f8788c48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13762", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mphmg5xo3d2k", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-13762: \u043a\u0430\u043a \u043d\u0435\u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0435 \u0432 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 HTTP/2 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0443\u0433\u0440\u043e\u0436\u0430\u0435\u0442 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 CloudFront \u0438 AWS WAF\n\n\n\nhttps://kripta.biz/posts/A731FAD9-93FA-4699-98D9-E83C0A9EA5D0", "creation_timestamp": "2026-06-29T23:12:40.018299Z"}, {"uuid": "2516cde8-60de-4ec7-921a-f3ca0afa2acf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13763", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mphndiisz22o", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-13763 \u0432 AWS Application Load Balancer: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/C893A8A3-1B9E-42B7-BF99-AB22BF806743", "creation_timestamp": "2026-06-29T23:29:04.111263Z"}, {"uuid": "7c1d0e3c-e27a-4c83-8df0-e3c31482caf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13763", "type": "seen", "source": "https://bsky.app/profile/qiancx.bsky.social/post/3mphndjd77w2u", "content": "AWS\u5e94\u7528\u8d1f\u8f7d\u5747\u8861\u5668HTTP/2\u8bf7\u6c42\u89e3\u6790\u6f0f\u6d1e(CVE-2026-13763)\u6df1\u5ea6\u5206\u6790\u4e0e\u5e94\u5bf9\u7b56\u7565\n\n\n\nhttps://qian.cx/posts/94EF09FA-E20A-4773-829A-8739CBFAD0FB", "creation_timestamp": "2026-06-29T23:29:04.925465Z"}, {"uuid": "28f15be5-9282-45e4-9d00-968fb5e071dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13763", "type": "seen", "source": "https://gist.github.com/ichintu/8b78df900d5aca0afc4dd97225bd83dc", "content": "**Daily Cyber Threat Intelligence\u2014June\u202f29\u202f2026**\n\n| CVE | Product/Component | Issue | Severity | Key Impact | Resolution |\n|-----|-------------------|-------|----------|------------|------------|\n| **CVE-2026-7656** | Zephyr OS IPv6 stack | Input\u2011validation bug in `handle_ra_input`, `handle_ns_input`, `handle_na_input` caused all RFC\u20114861 checks to be bypassed (ICMPv6 code\u202f0 made the predicate false). | 8.1 (High) | Forged RA/NS/NA from an on\u2011link or even remote attacker \u2192 router re\u2011config, DNS hijack, MTU spoof, MITM, DoS. | Updated condition so any failed check drops the packet (fixed in all releases 2018\u2011v4.4.0). |\n| **CVE-2026-34594** | Coolify (self\u2011hosted server/app manager) | Authenticated command injection in Destination Network Management \u2013 a `network` parameter is passed directly to shell. | 8.8 (High) | Full root RCE on the managed machine. | Fixed in 4.0.0\u2011beta.471. |\n| **CVE-2026-34597** | Coolify | Authenticated Host RCE \u2013 user\u2011supplied `install_command` in Nixpacks is concatenated into a shell command. | 8.8 (High) | Host\u2011level command execution. | Fixed in 4.0.0\u2011beta.470. |\n| **CVE-2026-57498** | Coolify | Cross\u2011team IDOR: Livewire UI components accepted `server_id` and `destination_uuid` from query strings without validating team ownership, while API controllers were correct. | 9.6 (Critical) | Deploy resources to other teams\u2019 servers. | Patched in 4.0.0\u2011beta.474. |\n| **CVE-2026-13763** | AWS Application Load Balancer + WAF | HTTP/2 body\u2011inspection bypass: fragmented bodies mean only a portion is inspected by WAF. | 9.8 (Critical) | Attacker can send malicious content partially inspected. | Enable \u201cInspect after sufficient data\u201d target\u2011group setting (AWS doc link). |\n| **CVE-2026-13762** | Amazon CloudFront + WAF | Same HTTP/2 body\u2011inspection confusion as above, affecting CloudFront target groups. | 9.8 (Critical) | Bypass WAF body\u2011inspection. | Server\u2011side patch applied; no customer action required. |\n| **Other Alert** | GitHub Repository | Repository hosts a dropper RAT, a cryptominer, and AI\u2011based credential\u2011stealing code. | \u2014 | \u2014 | \u2014 |\n\n**Take\u2011away:**  \n\n- Zephyr OS and Coolify are currently plagued by authenticated RCE and IDOR flaws that were fixed in recent releases; update immediately.  \n- AWS customers should check that ALB \u201cInspect after sufficient data\u201d is enabled; CloudFront security is already patched.  \n- Monitor the mentioned malicious GitHub repo for potential new threats.", "creation_timestamp": "2026-06-30T00:01:40.121872Z"}, {"uuid": "4ce4fc62-3d31-4970-86e8-6c0b33fa20ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13762", "type": "seen", "source": "https://gist.github.com/ichintu/8b78df900d5aca0afc4dd97225bd83dc", "content": "**Daily Cyber Threat Intelligence\u2014June\u202f29\u202f2026**\n\n| CVE | Product/Component | Issue | Severity | Key Impact | Resolution |\n|-----|-------------------|-------|----------|------------|------------|\n| **CVE-2026-7656** | Zephyr OS IPv6 stack | Input\u2011validation bug in `handle_ra_input`, `handle_ns_input`, `handle_na_input` caused all RFC\u20114861 checks to be bypassed (ICMPv6 code\u202f0 made the predicate false). | 8.1 (High) | Forged RA/NS/NA from an on\u2011link or even remote attacker \u2192 router re\u2011config, DNS hijack, MTU spoof, MITM, DoS. | Updated condition so any failed check drops the packet (fixed in all releases 2018\u2011v4.4.0). |\n| **CVE-2026-34594** | Coolify (self\u2011hosted server/app manager) | Authenticated command injection in Destination Network Management \u2013 a `network` parameter is passed directly to shell. | 8.8 (High) | Full root RCE on the managed machine. | Fixed in 4.0.0\u2011beta.471. |\n| **CVE-2026-34597** | Coolify | Authenticated Host RCE \u2013 user\u2011supplied `install_command` in Nixpacks is concatenated into a shell command. | 8.8 (High) | Host\u2011level command execution. | Fixed in 4.0.0\u2011beta.470. |\n| **CVE-2026-57498** | Coolify | Cross\u2011team IDOR: Livewire UI components accepted `server_id` and `destination_uuid` from query strings without validating team ownership, while API controllers were correct. | 9.6 (Critical) | Deploy resources to other teams\u2019 servers. | Patched in 4.0.0\u2011beta.474. |\n| **CVE-2026-13763** | AWS Application Load Balancer + WAF | HTTP/2 body\u2011inspection bypass: fragmented bodies mean only a portion is inspected by WAF. | 9.8 (Critical) | Attacker can send malicious content partially inspected. | Enable \u201cInspect after sufficient data\u201d target\u2011group setting (AWS doc link). |\n| **CVE-2026-13762** | Amazon CloudFront + WAF | Same HTTP/2 body\u2011inspection confusion as above, affecting CloudFront target groups. | 9.8 (Critical) | Bypass WAF body\u2011inspection. | Server\u2011side patch applied; no customer action required. |\n| **Other Alert** | GitHub Repository | Repository hosts a dropper RAT, a cryptominer, and AI\u2011based credential\u2011stealing code. | \u2014 | \u2014 | \u2014 |\n\n**Take\u2011away:**  \n\n- Zephyr OS and Coolify are currently plagued by authenticated RCE and IDOR flaws that were fixed in recent releases; update immediately.  \n- AWS customers should check that ALB \u201cInspect after sufficient data\u201d is enabled; CloudFront security is already patched.  \n- Monitor the mentioned malicious GitHub repo for potential new threats.", "creation_timestamp": "2026-06-30T00:01:40.205127Z"}, {"uuid": "36c11799-bfa4-49b0-b310-990a29c7b5a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13766", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mpjflsle6i2j", "content": "CVE-2026-13766: DBIx::QuickORM versions before 0.000026 for Perl allow SQL injection via unquoted SQL identifiers", "creation_timestamp": "2026-06-30T16:15:52.833900Z"}, {"uuid": "0fca7e46-93cb-419e-acee-51e4a5725400", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13766", "type": "seen", "source": "https://bsky.app/profile/cybersecinsight.bsky.social/post/3mplgmsqwyq2s", "content": "\ud83d\udd0d Vulnerability Spotlight | Part 2/3\n\n\u26a0\ufe0f CVE-2026-13766\n\nDBIx::QuickORM versions before 0.000026 for Perl allow SQL injection via unquoted SQL identifiers.\n\nThe default SQL builder, a SQL::Abstract subcla...", "creation_timestamp": "2026-07-01T11:39:39.520347Z"}, {"uuid": "dc33d19f-5e1f-413c-bcd8-1c0fc2654aac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13760", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpmf66l7bz2a", "content": "CVE-2026-13760 - OS Command Injection in aws-cdk-lib Docker Bundling\nCVE ID : CVE-2026-13760\n \n Published : July 1, 2026, 7:05 p.m. | 41\u00a0minutes ago\n \n Description : OS command injection in the NodejsFunction Docker bundling pipeline (OsCommand helper) in AWS aws-cdk-lib on al...", "creation_timestamp": "2026-07-01T20:46:14.878828Z"}, {"uuid": "9aad304b-cbe0-4f25-addc-33cd9e3379c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13769", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpmfq3gnpv2k", "content": "CVE-2026-13769 - Overly permissive File Permissions in AWS CLI\nCVE ID : CVE-2026-13769\n \n Published : July 1, 2026, 6:34 p.m. | 1\u00a0hour, 12\u00a0minutes ago\n \n Description : Overly permissive file permissions in AWS CLI before 1.44.78 (v1) and 2.34.29 (v2) on Unix-like systems where...", "creation_timestamp": "2026-07-01T20:56:15.479561Z"}, {"uuid": "3ef17e94-adfd-44cd-ac38-54377610877c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13769", "type": "seen", "source": "https://bsky.app/profile/qiancx.bsky.social/post/3mpntbt2zrq2a", "content": "AWS CLI \u5b89\u5168\u6f0f\u6d1e CVE-2026-13769 \u6df1\u5ea6\u89e3\u6790:\u8fc7\u5ea6\u5bbd\u677e\u7684\u6587\u4ef6\u6743\u9650\u98ce\u9669\u4e0e\u4fee\u590d\u6307\u5357\n\n\n\nhttps://qian.cx/posts/CF1C03B0-2510-4A72-955D-CE5949A71426", "creation_timestamp": "2026-07-02T10:31:29.139609Z"}, {"uuid": "03813357-5308-4676-a473-b58656d71494", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13769", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpntbtogez2q", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-13769 \u0432 AWS CLI: \u0440\u0438\u0441\u043a\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/C92AB52C-8DC6-4139-9C6E-E3C5BF778BD9", "creation_timestamp": "2026-07-02T10:31:29.941354Z"}, {"uuid": "1c5e7c4c-de32-406f-a52a-b964bac83894", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13769", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpnxu4y55r2i", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-13769 \u0432 AWS CLI: \u0440\u0438\u0441\u043a\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/74F5CA3E-BBB7-49FD-916E-4CA3BD386581", "creation_timestamp": "2026-07-02T11:53:18.238068Z"}, {"uuid": "91bf869c-838a-4c75-96f9-069812ba4371", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13769", "type": "seen", "source": "https://bsky.app/profile/qiancx.bsky.social/post/3mpnxubygwz2l", "content": "AWS CLI \u6743\u9650\u6f0f\u6d1e\u5206\u6790:CVE-2026-13769 \u5982\u4f55\u5f71\u54cd\u60a8\u7684\u4e91\u5b89\u5168?\n\n\n\nhttps://qian.cx/posts/F5F9E74F-9CDA-42F5-8615-30082280C353", "creation_timestamp": "2026-07-02T11:53:23.640620Z"}, {"uuid": "18bab485-2e55-44ff-871c-9899c3ea1239", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-13768", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-183-03", "content": "", "creation_timestamp": "2026-07-02T17:15:03.045163Z"}, {"uuid": "a9f04f7f-3c28-4f9c-ad27-1e9fa6bd1305", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13760", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3mpopoqvg6v22", "content": "CVE-2026-13760 - OS Command Injection in NodejsFunction Docker Bundling in aws-cdk-lib #patchmanagement", "creation_timestamp": "2026-07-02T18:59:47.913061Z"}, {"uuid": "47cbea2b-8090-4024-863f-ac1638dffefb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13769", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3mpopou44cj2n", "content": "CVE-2026-13769 \u2013 Insecure file permissions in AWS CLI #patchmanagement", "creation_timestamp": "2026-07-02T18:59:50.995342Z"}, {"uuid": "9b97c28d-8486-4fbf-ab96-b232b3b0c1b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13762", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3mpopozlzkd2i", "content": "CVE-2026-13762 and CVE-2026-13763 - Issue with HTTP/2 multi-frame request body inspection in AWS WAF #patchmanagement", "creation_timestamp": "2026-07-02T18:59:56.785039Z"}, {"uuid": "989940dd-f0c7-4a62-a970-c94fa00c4897", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13763", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3mpopozlzkd2i", "content": "CVE-2026-13762 and CVE-2026-13763 - Issue with HTTP/2 multi-frame request body inspection in AWS WAF #patchmanagement", "creation_timestamp": "2026-07-02T18:59:56.834908Z"}, {"uuid": "46aef485-8727-41e2-b489-0bf042e3e665", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-13768", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116853102484273046", "content": "CVE-2026-13768: Gardyn Home Firmware (CRITICAL, CVSS 10) exposes a privileged iothubowner key, enabling attackers to control devices &amp; move laterally on networks. No patch yet. Monitor and segment IoT devices. https://radar.offseq.com/threat/cve-2026-13768-cwe-798-in-gardyn-gardyn-home-firmw-08332214fc38f3ba #OffSeq #IoTSecurity #CVE202613768", "creation_timestamp": "2026-07-03T00:00:42.923308Z"}, {"uuid": "712ced5b-b46c-4a73-b360-c79d7aea4c57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-13768", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mppaiuvoja27", "content": "Gardyn Home Firmware hit by CRITICAL vuln (CVE-2026-13768): leaked iothubowner key lets attackers control devices &amp; access network info. No fix yet \u2014 review segmentation &amp; monitor activity. https://radar.offseq.com/threat/cve-2026-13768-cwe-798-in-gardyn-gardyn-home-firmw-08332214fc38f3ba #OffSeq...", "creation_timestamp": "2026-07-03T00:00:46.109005Z"}, {"uuid": "452c4f44-5ff4-437d-84a3-c9d3b9c6acad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13768", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpplqq2bdi23", "content": "CVE-2026-13768 - Gardyn IoT Hub Use of Hard-coded Credentials\nCVE ID : CVE-2026-13768\n \n Published : July 2, 2026, 11:40 p.m. | 2\u00a0hours, 6\u00a0minutes ago\n \n Description : Gardyn devices expose a privileged iothubowner key. Access to this key will allow a malicious user to invoke ...", "creation_timestamp": "2026-07-03T03:21:58.988343Z"}, {"uuid": "1e8db603-9d38-45be-a9cf-df0e77735618", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13762", "type": "seen", "source": "https://bsky.app/profile/chrisshort.net/post/3mpr67snklw2l", "content": "CVE-2026-13762 and CVE-2026-13763 - Issue with HTTP/2 multi-frame request body inspection in AWS WAF #devopsish aws.amazon.com/secur...", "creation_timestamp": "2026-07-03T18:25:11.831315Z"}, {"uuid": "34ea99e2-7a2f-4df2-a2fe-b7932a780272", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13763", "type": "seen", "source": "https://bsky.app/profile/chrisshort.net/post/3mpr67snklw2l", "content": "CVE-2026-13762 and CVE-2026-13763 - Issue with HTTP/2 multi-frame request body inspection in AWS WAF #devopsish aws.amazon.com/secur...", "creation_timestamp": "2026-07-03T18:25:11.961120Z"}, {"uuid": "587789d8-36d3-4849-9571-27ab7f376a31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13762", "type": "seen", "source": "https://hachyderm.io/users/ChrisShort/statuses/116857445528031022", "content": "CVE-2026-13762 and CVE-2026-13763 - Issue with HTTP/2 multi-frame request body inspection in AWS WAF #devopsish https://aws.amazon.com/security/security-bulletins/2026-048-aws/", "creation_timestamp": "2026-07-03T18:25:12.640454Z"}, {"uuid": "e341eaee-6e90-45e1-bdca-f3779450443a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13763", "type": "seen", "source": "https://hachyderm.io/users/ChrisShort/statuses/116857445528031022", "content": "CVE-2026-13762 and CVE-2026-13763 - Issue with HTTP/2 multi-frame request body inspection in AWS WAF #devopsish https://aws.amazon.com/security/security-bulletins/2026-048-aws/", "creation_timestamp": "2026-07-03T18:25:12.687052Z"}, {"uuid": "f24e54c9-cc56-4864-af69-9b63a77b022f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13768", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpra3mo23q2y", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-13768 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Gardyn: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f\n\n\n\nhttps://kripta.biz/posts/D772835A-8DBA-4507-B09D-0902155162FC", "creation_timestamp": "2026-07-03T18:58:38.696376Z"}, {"uuid": "a2ad3d9d-5bbb-43c8-846c-d581412b3113", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13768", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mprkdmuib42x", "content": "CVE-2026-13768 - gardyn home firmware\nGardyn IoT devices have a security flaw that allows hackers to access sensitive information about all connected devices and potentially take control of them. This could lead to\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#gardyn #CVE #infosec", "creation_timestamp": "2026-07-03T22:02:04.810906Z"}, {"uuid": "1251fe28-0b15-4f9e-8976-d4acfc1758ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13768", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mpwrvd35fs2f", "content": "\ud83d\udd34 CVE-2026-13768 - Critical (10)\n\nGardyn devices expose a privileged iothubowner key. Access to this key will allow a malicious use...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-13768/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-06T00:00:34.405872Z"}, {"uuid": "96fe8cc5-51ff-4392-a8b4-395053b8e5d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13768", "type": "seen", "source": "https://t.me/GithubRedTeam/93032", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-13768\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a J4ck3LSyN-Gen2\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-11 23:34:10\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nAzure IoT Hub where exposure of an owner-level Shared Access Key enables unauthenticated remote code execution (RCE) against connected IoT devices. Proof-Of-Concept\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-13T22:00:04.323955Z"}, {"uuid": "3dc31691-ba5c-4521-96ba-faa20b16cde1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13768", "type": "seen", "source": "https://t.me/GithubRedTeam/91654", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #RCE #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-13768\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a MichaelAdamGroberman\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-02 20:50:18\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-13768: Privileged iothubowner IoT Hub credential \u2014 fleet enumeration, device RCE, home-network pivot \u2014 Gardyn (ICSA-26-183-03)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-13T22:00:13.951412Z"}, {"uuid": "238a18f4-3102-405c-bba8-533ace033552", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13768", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93032", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-13768\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a J4ck3LSyN-Gen2\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-11 23:34:10\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nAzure IoT Hub where exposure of an owner-level Shared Access Key enables unauthenticated remote code execution (RCE) against connected IoT devices. Proof-Of-Concept\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-14T00:00:08.559249Z"}, {"uuid": "7b39f724-fd17-45d1-b327-36b5e597acf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13768", "type": "seen", "source": "https://t.me/GithubRedTeam/91654", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #RCE #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-13768\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a MichaelAdamGroberman\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-02 20:50:18\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-13768: Privileged iothubowner IoT Hub credential \u2014 fleet enumeration, device RCE, home-network pivot \u2014 Gardyn (ICSA-26-183-03)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-14T00:00:21.837016Z"}, {"uuid": "0cf749f6-9f72-418d-96c7-8b1b6a9ae766", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13768", "type": "seen", "source": "https://t.me/GithubRedTeam/91654", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #RCE #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-13768\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a MichaelAdamGroberman\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-02 20:50:18\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-13768: Privileged iothubowner IoT Hub credential \u2014 fleet enumeration, device RCE, home-network pivot \u2014 Gardyn (ICSA-26-183-03)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-15T00:00:28.209164Z"}]}