{"vulnerability": "cve-2026-41566", "sightings": [{"uuid": "2c8151e3-bc5e-4ebf-b594-78ecfc7b91d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41566", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mp3n3zxwyc2k", "content": "CVE-2026-41566: Apache Kvrocks: Improper permission for the APPLYBATCH command", "creation_timestamp": "2026-06-25T04:52:57.199508Z"}, {"uuid": "01510adf-862b-403c-879b-553589637d0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41566", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mp47xkc55u2l", "content": "CRITICAL vuln (CVE-2026-41566) in Apache Kvrocks 2.8.0 \ud83d\udea8. Improper permission checks enable privilege escalation. Upgrade to 2.16.0 ASAP. https://radar.offseq.com/threat/cve-2026-41566-cwe-280-improper-handling-of-insuff-5835abc74e4991d0 #OffSeq #Kvrocks #Security", "creation_timestamp": "2026-06-25T10:30:28.026710Z"}, {"uuid": "933d0803-b091-4492-b0ae-7d6d417c5efc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41566", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116810280165253214", "content": "CVE-2026-41566 (CRITICAL, CVSS 9.4) in Apache Kvrocks 2.8.0 allows privilege escalation via improper permission handling. Upgrade to 2.16.0 is required \u2014 no other mitigation. Details: https://radar.offseq.com/threat/cve-2026-41566-cwe-280-improper-handling-of-insuff-5835abc74e4991d0 #OffSeq #CVE202641566 #Kvrocks #Security", "creation_timestamp": "2026-06-25T10:30:36.398303Z"}, {"uuid": "01479b15-ea89-41f7-93ff-e2016cfe68a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41566", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mp664farbr2v", "content": "Daily IT Security Digest \u2014 2026-06-26\n2. CVE-2026-41566 \u2014 Apache Kvrocks Critical Privilege Escalation (CVSS 9.4)\n\nA critical privilege escalation vulnerability in Apache Kvrocks 2.8.0 allows attackers to gain elevated permissions through improper permission handling. Red Hat has flagged it as a", "creation_timestamp": "2026-06-26T05:02:42.011999Z"}, {"uuid": "42895a04-013b-4063-bc42-208213ffaaa6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41566", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mpaom3n7kp2g", "content": "Daily IT Security Digest \u2014 2026-06-27\nan XML injection in certificate generation (8.6). Additional relibc DoS vulnerabilities were also disclosed. Immediate patching recommended for all affected products.\n\n## 8. Apache Kvrocks Privilege Escalation (CVE-2026-41566) \u2014 CRITICAL CVSS 9.4\nA critical\n\u2026", "creation_timestamp": "2026-06-27T05:03:08.141262Z"}]}