{"vulnerability": "cve-2026-3805", "sightings": [{"uuid": "be803747-61a7-4461-bf11-901eb951f6aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-3805", "type": "seen", "source": "https://mastodon.social/users/bagder/statuses/116209234981784209", "content": "", "creation_timestamp": "2026-03-11T06:56:47.483952Z"}, {"uuid": "8c6ed4d0-0014-493c-8c9e-247a48616060", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-3805", "type": "seen", "source": "https://bsky.app/profile/slackers.it/post/3mgtwpmo6wf2y", "content": "", "creation_timestamp": "2026-03-12T08:02:07.176939Z"}, {"uuid": "6df96aba-afc2-4698-a5a8-3a48702fa750", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-3805", "type": "seen", "source": "https://bsky.app/profile/slackers.it/post/3mgtwpnplhc2d", "content": "", "creation_timestamp": "2026-03-12T08:02:08.260729Z"}, {"uuid": "5d8a9709-a61a-4f35-9de9-9c9e6b876a32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-3805", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mhdgyeaii22s", "content": "", "creation_timestamp": "2026-03-18T12:03:19.280394Z"}, {"uuid": "b24f996a-d7d2-4c14-b397-d48927de0ae1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-3805", "type": "seen", "source": "https://mastodon.social/ap/users/115755483699003887/statuses/116211531439936074", "content": "", "creation_timestamp": "2026-03-11T16:40:52.258112Z"}, {"uuid": "b2ca52a3-6373-48ad-b365-059d117f17c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-3805", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0315/", "content": "", "creation_timestamp": "2026-03-18T00:00:00.000000Z"}, {"uuid": "082dae80-b20b-4e84-8bd4-ce7999935801", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-3805", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/79993", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-3805-curl-SMB-UAF\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Rat5ak\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Shell\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-12 11:12:27\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-3805: Use-After-Free in curl SMB connection reuse - heap info disclosure\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-12T12:00:04.000000Z"}, {"uuid": "6df1d7bc-5d61-4348-9f55-8f77c5e84392", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-38059", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-183-01", "content": "", "creation_timestamp": "2026-07-02T17:15:09.609842Z"}, {"uuid": "d9467f1a-ee61-4b4d-a613-2c27c9315ae8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-38057", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-183-01", "content": "", "creation_timestamp": "2026-07-02T17:15:11.804175Z"}, {"uuid": "9ee6c48c-c16a-41ac-bed2-8e97ff97a6ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-38057", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqd56jbznv2f", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-38057 \u0432 iDirect iQ200: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/C2CC8EA5-7635-4CF6-AFFA-C75B0A65C6EC", "creation_timestamp": "2026-07-10T21:54:30.099063Z"}, {"uuid": "bd88d763-d9cd-4785-b1df-56a28c5c8b01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-38059", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqd5755r4m2i", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-38059 \u0432 iDirect iQ200: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/E0024FD2-B8F5-49EB-AFE6-F413834BE866", "creation_timestamp": "2026-07-10T21:54:50.777437Z"}, {"uuid": "63353609-3066-469c-86b2-ace292f702d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-38057", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqgzlmntkp2b", "content": "\ud83d\udfe0 CVE-2026-38057 - High (8.1)\n\nThe iDirect iQ200 does not validate CSRF tokens on state-changing API endpoints after authenticat...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-38057/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-12T11:00:54.522123Z"}, {"uuid": "450447b7-8ea7-4c91-9aae-a333e4e97b9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-38059", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqh4vxtvoc2i", "content": "\ud83d\udfe0 CVE-2026-38059 - High (7.5)\n\nThe iDirect iQ200 exposes the /api/identity and /api/ REST API endpoints without authentication. ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-38059/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-12T12:00:23.136683Z"}]}