{"vulnerability": "cve-2026-48772", "sightings": [{"uuid": "1a13abc3-0c31-43fa-9409-f047262709af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48772", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mooef5dho623", "content": "CVE-2026-48772 - ProxySQL: PROXY-Protocol-v1 UNKNOWN parses spoofed source IP, bypassing mysql_query_rules.client_addr ACL\nCVE ID : CVE-2026-48772\n \n Published : June 19, 2026, 7:28 p.m. | 2\u00a0hours, 14\u00a0minutes ago\n \n Description : ProxySQL is a proxy for MySQL and its forks, as...", "creation_timestamp": "2026-06-19T22:12:24.695639Z"}, {"uuid": "16b94a2a-11fb-4013-878f-925e17694dae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48772", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116780553070568538", "content": "CVE-2026-48772 (CRITICAL): ProxySQL 2.0.0 \u2013 3.0.8 lets attackers spoof source IPs via PROXY protocol v1, bypassing routing & ACLs. Upgrade to 3.0.9 or later. Restrict frontend port access. Details: https://radar.offseq.com/threat/cve-2026-48772-cwe-348-use-of-less-trusted-source--40b83fbf2f9ef184 #OffSeq #ProxySQL #CVE202648772 #Security", "creation_timestamp": "2026-06-20T04:30:27.479838Z"}, {"uuid": "b43eed77-4b3f-4037-8f56-de531641daa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48772", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3moozj7zulg2u", "content": "ProxySQL 2.0.0 \u2013 3.0.8 (CVE-2026-48772, CRITICAL) lets attackers spoof source IPs, bypassing DB routing & ACLs. Upgrade to 3.0.9+ and restrict port access. https://radar.offseq.com/threat/cve-2026-48772-cwe-348-use-of-less-trusted-source--40b83fbf2f9ef184 #OffSeq #ProxySQL #Security", "creation_timestamp": "2026-06-20T04:30:28.590020Z"}, {"uuid": "ba6640e7-b114-4278-ab02-3321b82732cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48772", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3moutqahcyf2j", "content": "CVE-2026-48772 - Critical Unauthorized Access in ProxySQL. CVSS 10.0. Vulnerable versions 2.0.0-3.0.8 accept malformed PROXY UNKNOWN headers, bypassing authentication. No patch available. Upgrade or disable PROXY protocol immediately. #CVE ...\n\nhttps://www.valtersit.com/cve/CVE-2026-48772/", "creation_timestamp": "2026-06-22T12:03:00.082635Z"}]}