{"vulnerability": "cve-2026-43003", "sightings": [{"uuid": "f19d34c3-3153-4ee9-964e-e2f91bde0923", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43003", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mkrydpe5r42p", "content": "CVE-2026-43003 - OpenStack Ironic Python Agent Code Execution Vulnerability\nCVE ID : CVE-2026-43003\n \n Published : May 1, 2026, 9:16 a.m. | 1\u00a0hour, 2\u00a0minutes ago\n \n Description : An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent...", "creation_timestamp": "2026-05-01T11:06:46.036116Z"}, {"uuid": "f0c2f21a-9b16-4ed8-9e01-3edab523cc2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43003", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3ml2gb6s2oq2w", "content": "\ud83d\udccc CVE-2026-43003 - An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent (IPA) sometimes executes grub-install from within a... https://www.cyberhub.blog/cves/CVE-2026-43003", "creation_timestamp": "2026-05-04T19:37:07.990248Z"}, {"uuid": "ba48d058-fd7a-4fbb-ad42-6e7a09ebbfd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43003", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mogrdfmysr2a", "content": "[OSSN-0100] Ironic: Command Injection in IPA (CVE-2026-43003)", "creation_timestamp": "2026-06-16T21:42:44.868727Z"}, {"uuid": "5f8ca04a-890d-40ce-8c87-7318b03cce20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43003", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3molfr75saa25", "content": "OpenStack Ironic fixed a command injection (CVE-2026-43003): a malicious partition image could run crafted binaries within a chroot during bootloader install on BIOS-booted nodes. Bare-metal provisioning makes image trust non-negotiable. How do you validate partition images pre-deploy?\n\n#security", "creation_timestamp": "2026-06-18T17:59:01.670442Z"}]}