{"vulnerability": "cve-2026-2387", "sightings": [{"uuid": "7c4d26e3-6731-40fe-9028-1ecaa54d4f4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23876", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mesx2hxewk22", "content": "", "creation_timestamp": "2026-02-14T11:45:12.254989Z"}, {"uuid": "b067527c-2d65-417f-ae46-e595337423b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23876", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mesyoqrxh222", "content": "", "creation_timestamp": "2026-02-14T12:14:26.125167Z"}, {"uuid": "b73b0f8c-94e2-4829-98c5-77a883f4df48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23874", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3me2x2mlmvs2u", "content": "", "creation_timestamp": "2026-02-04T22:41:21.858462Z"}, {"uuid": "a1e39a19-d71e-4c22-91da-3874eaa5dec1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23876", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mejermbvlc2b", "content": "", "creation_timestamp": "2026-02-10T16:24:09.459167Z"}, {"uuid": "c70a8827-91b0-4902-af9a-bf643111a5d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23875", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mcsobeakaa2c", "content": "", "creation_timestamp": "2026-01-19T22:17:32.329756Z"}, {"uuid": "39a9970b-e7d4-49fc-805b-867d234bf1b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23877", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mcspyy5v4q2t", "content": "", "creation_timestamp": "2026-01-19T22:48:38.816164Z"}, {"uuid": "eeeca773-0f2c-4319-bec8-e0fbb118d09b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23876", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mct23dchld2h", "content": "", "creation_timestamp": "2026-01-20T01:48:54.981660Z"}, {"uuid": "f30fee44-0c2a-4198-91bb-6c25f20d1ab4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23876", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mct2qnmekt2m", "content": "", "creation_timestamp": "2026-01-20T02:00:51.557025Z"}, {"uuid": "b7633d5c-359d-4528-8b09-7a18b31b8d95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23876", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mct2rg7l2z23", "content": "", "creation_timestamp": "2026-01-20T02:01:17.014156Z"}, {"uuid": "fd577976-6db3-4cc6-8db4-37364cb953e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23874", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mct3hy4a3k2i", "content": "", "creation_timestamp": "2026-01-20T02:13:53.208139Z"}, {"uuid": "5aabf296-96b0-45c9-9213-42e390381758", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23876", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3mctsathpr22b", "content": "", "creation_timestamp": "2026-01-20T09:01:43.157676Z"}, {"uuid": "63a2cb88-6fe4-4f55-a6ab-908c41253eab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23876", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3mctsayo5wk2b", "content": "", "creation_timestamp": "2026-01-20T09:01:43.675207Z"}, {"uuid": "ed899c60-ce68-4dc7-b611-88520e23df14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23876", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3mctsb426xk2b", "content": "", "creation_timestamp": "2026-01-20T09:01:44.143453Z"}, {"uuid": "48a4f591-0a3f-4335-8948-128a5d461347", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23876", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mcvt7zpeki2s", "content": "", "creation_timestamp": "2026-01-21T04:24:15.655295Z"}, {"uuid": "bc37c174-ded7-4cfa-82da-c2c35ec57768", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23873", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mcy3bo4nqh2i", "content": "", "creation_timestamp": "2026-01-22T01:53:40.085244Z"}, {"uuid": "60018fa3-0a7a-4ac4-b94d-ab988d5e1c43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23873", "type": "seen", "source": "https://gist.github.com/Darkcrai86/110313fec3aa5ef807926a3e32054cfb", "content": "", "creation_timestamp": "2026-01-22T09:22:06.000000Z"}, {"uuid": "ff976e7f-7398-4238-b487-e7032b31d5b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23874", "type": "seen", "source": "https://gist.github.com/alon710/81c73fe4b606f298eee7d18920a81bba", "content": "", "creation_timestamp": "2026-01-24T21:23:29.000000Z"}, {"uuid": "69ddee81-41ce-4f39-a038-d54b5110f26d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23877", "type": "seen", "source": "https://gist.github.com/alon710/ef2824c2c5f1036a995f9a96abe3f48d", "content": "", "creation_timestamp": "2026-01-24T21:23:22.000000Z"}, {"uuid": "584b0e7f-0fe5-4bcd-9180-aa422227a623", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23877", "type": "seen", "source": "https://gist.github.com/alon710/dae5eabe48079d615475755a8df2d7b5", "content": "", "creation_timestamp": "2026-01-24T22:22:38.000000Z"}, {"uuid": "b967ef43-0b79-47a8-97c2-29b8770bce15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23877", "type": "seen", "source": "https://gist.github.com/alon710/e4fac37b6b446daac84efcc33834c24f", "content": "", "creation_timestamp": "2026-01-24T22:22:35.000000Z"}, {"uuid": "d98d4422-9506-4e41-ace2-563101efe5cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23870", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3ml77m25mcy2e", "content": "\ud83d\udfe0 CVE-2026-23870 - High (7.5)\n\nA denial of service vulnerability could be triggered by sending specially crafted HTTP requests t...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-23870/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-06T17:21:14.834662Z"}, {"uuid": "faac5782-bf47-4029-83a0-c6783b2a1982", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23870", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mldmplhieu25", "content": "Is Your React App Vulnerable to the CVE-2026-23870 DoS Attack?", "creation_timestamp": "2026-05-08T11:26:30.800771Z"}, {"uuid": "4c97ffda-f2bf-4dee-a389-da37cd897570", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23870", "type": "seen", "source": "Telegram/Aa-0BibdUURQTQB8vAK81JOhZI4LJlfkqSwyDkBvxH4d8YE", "content": "", "creation_timestamp": "2026-05-08T03:00:10.000000Z"}, {"uuid": "8109e4eb-1f73-45eb-8fec-60cd6242169e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23870", "type": "seen", "source": "Telegram/xvoYgOFnUf5jFw65_bW2FC7fcn6orx4l4LTjm0d68ZkOEzo", "content": "", "creation_timestamp": "2026-05-08T03:00:06.000000Z"}, {"uuid": "1a60b093-de2d-4bd1-b769-fc9ceacf5265", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23870", "type": "seen", "source": "https://www.acn.gov.it/portale/w/next.js-aggiornamenti-di-sicurezza-1", "content": "", "creation_timestamp": "2026-05-08T12:09:44.000000Z"}, {"uuid": "ab8edd6f-1a6e-497e-8a06-3f646b148423", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23870", "type": "seen", "source": "https://bsky.app/profile/solomonneas.dev/post/3mlgmkn3pnk2p", "content": "\ud83d\udee0\ufe0f Next.js May 2026: 13 security advisories patched\nUpgrade for CVE-2026-23870, SSRF, XSS and cache poisoning.\n\n\ud83d\udee0\ufe0f GitHub Copilot: Sonnet 4 deprecated, GPT-4.1 ends Jun 1\nUpdate pinned model configs.\n\n\ud83d\udee0\ufe0f LangChain 0.3.30: CVE fix, hub deprecations\nsolomonneas.dev/intel", "creation_timestamp": "2026-05-09T16:01:44.199336Z"}, {"uuid": "23d85e20-567d-4372-8991-129683ec5c03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23870", "type": "published-proof-of-concept", "source": "https://t.me/htfgtps/1107", "content": "CVE-2026-23870, CVE-2026-44575, CVE-2026-44579, CVE-\n2026-44574, CVE-2026-44578, CVE-2026-44573, CVE-2026-\n44581, CVE-2026-44580, CVE-2026-44577, CVE-2026-44576,\nCVE-2026-44582, CVE-2026-44572\nhttps://github.com/dwisiswant0/next-16.2.4-pocs", "creation_timestamp": "2026-05-11T06:42:58.000000Z"}, {"uuid": "635ed5e7-7c90-4903-9543-eecb038122f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23870", "type": "seen", "source": "https://t.me/GithubRedTeam/84090", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a nextjs-cve-2026-23870-checker\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a emresandikci\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-13 14:50:14\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nChecker and fixer for all 13 vulnerabilities in the Next.js May 2026 security release (CVE-2026-23870)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-13T15:00:06.000000Z"}, {"uuid": "9719f1eb-bff2-4968-848d-f8b50e80c859", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23870", "type": "seen", "source": "Telegram/O41s4ZacceniC-zmRdA20LKtlUfLN8dJaI2Rmc1hsAXigiA", "content": "", "creation_timestamp": "2026-05-13T21:00:04.000000Z"}, {"uuid": "99dd2202-b12c-4090-b2a0-3f5f65248ddb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23877", "type": "published-proof-of-concept", "source": "https://github.com/swingmx/swingmusic/security/advisories/GHSA-pj88-9xww-gxmh", "content": "", "creation_timestamp": "2026-01-18T18:32:03.000000Z"}, {"uuid": "fa614ba4-7aca-4be8-b19c-ca2a1b4a436a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23879", "type": "published-proof-of-concept", "source": "https://github.com/miurahr/py7zr/security/advisories/GHSA-q6rc-2cgv-63h7", "content": "", "creation_timestamp": "2026-06-19T09:31:59.000000Z"}, {"uuid": "cab1d463-b341-48fe-b1d0-8f472bfca05c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23879", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mp2wxlnzkj2d", "content": "py7zr 1.1.2\u4ee5\u524d\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u3067\u3001\u60aa\u610f\u306e\u3042\u308b\u30b7\u30f3\u30dc\u30ea\u30c3\u30af\u30ea\u30f3\u30af\u30c1\u30a7\u30fc\u30f3\u306b\u3088\u308a\u3001\u30a2\u30fc\u30ab\u30a4\u30d6\u5185\u306e\u30d5\u30a1\u30a4\u30eb\u304c\u6307\u5b9a\u5916\u306e\u5834\u6240\u306b\u66f8\u304d\u8fbc\u307e\u308c\u308b\u8106\u5f31\u6027\u3002\u3053\u308c\u306b\u3088\u308a\u3001\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u306a\u3069\u306e\u88ab\u5bb3\u3092\u53d7\u3051\u308b\u53ef\u80fd\u6027\u2026\nCVE-2026-23879 CVSS 8.0 | HIGH", "creation_timestamp": "2026-06-24T22:16:45.627156Z"}, {"uuid": "b9ab550b-88be-4908-879f-0589ad657b1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23879", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mp326xv2w62h", "content": "CVE-2026-23879 - Critical RCE in Py7zr. Arbitrary file write via symbolic link chains allows escape from destination directory. CVSS 8.0. No patch available. Update or avoid extraction of untrusted 7z archives. #CVE #infosec #Python\n\nhttps://www.valtersit.com/cve/CVE-2026-23879/", "creation_timestamp": "2026-06-24T23:14:35.029665Z"}, {"uuid": "0fdb2323-5d76-4daf-9bd8-fd4901bb5923", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2387", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpljxtws6y26", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-2387 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 Event Organiser \u0434\u043b\u044f WordPress: \u0443\u0433\u0440\u043e\u0437\u0430 Stored XSS \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/248C5AB3-5480-4EC2-A667-C421658DD8FD", "creation_timestamp": "2026-07-01T12:39:31.592686Z"}, {"uuid": "258719bd-8e3b-489d-9076-79e4ecc707be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2387", "type": "seen", "source": "https://bsky.app/profile/qiancx.bsky.social/post/3mpljxyict32a", "content": "WordPress\u63d2\u4ef6\u6f0f\u6d1e\u8b66\u544a:Event Organiser\u5b58\u50a8\u578bXSS\u6f0f\u6d1e(CVE-2026-2387)\u8be6\u89e3\u4e0e\u9632\u62a4\u6307\u5357\n\n\n\nhttps://qian.cx/posts/8FF8D1F5-2A69-4711-93E7-DBED99392F61", "creation_timestamp": "2026-07-01T12:39:35.915436Z"}, {"uuid": "9de98ff0-996a-4259-8b49-f48ad5135372", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2387", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3mpstcgewpj2v", "content": "CVE-2026-2387 event-organiser (CVSS Score 6.4) \n\n#WordPress plugin #vulnerability #potatosecurity #wordpressfirewall #mashing #wpsecurity #atomicedge #potatosecurity #malware #vulnerabilityresearch #cve #redteam #proofofconcept", "creation_timestamp": "2026-07-04T10:15:08.159357Z"}, {"uuid": "005846ff-cf2d-41a4-b574-8ff2ce07835d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2387", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3mpstcfv6pj2b", "content": "CVE-2026-2387 event-organiser (CVSS Score 6.4) \n\n#WordPress plugin #vulnerability #cybersecurity #wordpressfirewall #hacking #wpsecurity #atomicedge #cybersecurity #malware #vulnerabilityresearch #cve #redteam #proofofconcept", "creation_timestamp": "2026-07-04T10:15:07.616307Z"}]}