{"vulnerability": "cve-2026-4801", "sightings": [{"uuid": "52484a4d-6d96-48e0-891e-1b1b370ba283", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48019", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnep2cl4ya23", "content": "Hidden Mail Manipulation Crisis: Laravel CRLF Injection Flaw (CVE-2026-48019) Opens Door to Email Hijacking and Header Abuse +\u00a0Video\n\n\ud83e\udded Introduction: A Silent Protocol Weakness Turning Trusted Emails Into Attack Vectors Modern web applications rely heavily on automated email systems for\u2026", "creation_timestamp": "2026-06-03T08:31:22.032553Z"}, {"uuid": "5fd50abe-2bb4-43e3-a304-ad05171af1d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48019", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mni47aj5bx2s", "content": "Critical #Laravel CRLF Injection Vulnerability (CVE-2026-48019) allows attackers to manipulate outbound emails. Upgrade to versions 13.10.0 or 12.60.0 immediately! #CyberSecurity #WebSecurity Link: thedailytechfeed.com/critical-lar...", "creation_timestamp": "2026-06-04T17:04:45.023169Z"}, {"uuid": "3adc70f1-e22e-479e-a57c-2a13e8588620", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48011", "type": "published-proof-of-concept", "source": "https://github.com/shopware/shopware/security/advisories/GHSA-7w52-7jvm-m9vw", "content": "", "creation_timestamp": "2026-05-19T16:06:31.000000Z"}, {"uuid": "b6100dab-b70d-440a-a607-f04016cf50bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48012", "type": "published-proof-of-concept", "source": "https://github.com/shopware/shopware/security/advisories/GHSA-4x3x-869w-xx3m", "content": "", "creation_timestamp": "2026-05-19T16:06:53.000000Z"}, {"uuid": "4fd45427-f2da-4b09-b0ce-c52d849ab0fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48017", "type": "published-proof-of-concept", "source": "https://github.com/dbgate/dbgate/security/advisories/GHSA-hv83-ggc4-v385", "content": "", "creation_timestamp": "2026-05-22T07:23:34.000000Z"}, {"uuid": "94159b62-5ff8-43a0-a420-648cab199bb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48017", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moefa77ofs2n", "content": "\ud83d\udfe0 CVE-2026-48017 - High (8.8)\n\nDbGate is cross-platform database manager. In versions 7.1.8 and prior, the POST /runners/load-re...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-48017/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-15T23:00:53.753212Z"}, {"uuid": "69ba7524-8704-4a39-8205-31f13de3df55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48017", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moeiuuv7po2c", "content": "CVE-2026-48017 - DbGate: Remote Code Execution via functionName injection in loadReader endpoint\nCVE ID : CVE-2026-48017\n \n Published : June 15, 2026, 10:16 p.m. | 1\u00a0hour, 25\u00a0minutes ago\n \n Description : DbGate is cross-platform database manager. In versions 7.1.8 and prior, t...", "creation_timestamp": "2026-06-16T00:06:08.189675Z"}]}