{"vulnerability": "cve-2026-45408", "sightings": [{"uuid": "e21aa45b-5124-4814-b6ff-7d4397a3ae95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45408", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7kmzy3za2c", "content": "CVE-2026-45408 - Dokku: OS Command Injection via App Name in Git Pre-Receive Hook\nCVE ID : CVE-2026-45408\n \n Published : June 26, 2026, 4:19 p.m. | 1\u00a0hour, 25\u00a0minutes ago\n \n Description : Dokku is a docker-powered PaaS. Prior to 0.38.2, the app name validation regex (^[a-z0-9]...", "creation_timestamp": "2026-06-26T18:19:25.395483Z"}, {"uuid": "73df28a4-420b-4fff-bf90-62281a036548", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45408", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mpd7btxcpw2h", "content": "CVE-2026-45408 - Critical Command Injection in Dokku. CVSS 9.0. No patch available. Mitigations required. Limit git push access and review app name validation. #CVE #Dokku #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-45408/", "creation_timestamp": "2026-06-28T05:06:57.828397Z"}, {"uuid": "61eea565-bc8e-462e-9320-2502a7d268b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45408", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mphsssv2ny2e", "content": "\ud83d\udccc CVE-2026-45408 - Dokku is a docker-powered PaaS. Prior to 0.38.2, the app name validation regex (^[a-z0-9][^/:_A-Z]*$) permits shell metacharacters. When an authentica... https://www.cyberhub.blog/cves/CVE-2026-45408", "creation_timestamp": "2026-06-30T01:07:07.269275Z"}]}