{"vulnerability": "cve-2026-34038", "sightings": [{"uuid": "bbe8c964-41fa-4c10-9ac8-b23858451098", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34038", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mpz22rxij323", "content": "CVE-2026-34038 - coolify\nCoolify, a server management tool, had a security flaw that allowed users with permission to manage applications to access the server remotely and steal sensitive information.\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#coolify #coollabsio #CVE #infosec", "creation_timestamp": "2026-07-06T21:32:06.220996Z"}, {"uuid": "155f6350-3e54-4891-8c3f-6312d2a818f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34038", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mq36shckli2n", "content": "CVSS 9.9. Authenticated remote command injection. Public exploit available.\n\nCVE-2026-34038.\n\nhttps://www.yazoul.net/news/article/attackers-exploit-simplehelp-cve-2026-48558-to-deploy-taskweaver-and-djinn-steal/\n\n#CyberSecurity #Security", "creation_timestamp": "2026-07-07T18:02:15.070624Z"}, {"uuid": "0be0150c-55da-491d-8302-5ee91567e889", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-34038", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mq52efukpq2n", "content": "\u26a0\ufe0f CVSS 9.9. Authenticated remote command injection. That's not a typo.\n\nhttps://www.yazoul.net/advisory/cve/cve-2026-34038-coolify-rce-leaks-secrets-poc/\n\n#CVE #CyberSecurity", "creation_timestamp": "2026-07-08T11:48:08.951037Z"}]}