{"vulnerability": "cve-2026-4983", "sightings": [{"uuid": "84c4bfa4-1040-4d28-9e7c-6d8932780abe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4983", "type": "seen", "source": "https://bsky.app/profile/cybersecinsight.bsky.social/post/3moztf4hs7n2y", "content": "\ud83d\udd0d Vulnerability Spotlight | Part 2/3\n\n\u26a0\ufe0f CVE-2026-4983\n\nOpen VSX Registry does not sanitize SVG files uploaded as extension icons prior to storage, and serves them with Content-Type: image/svg+xml withou...", "creation_timestamp": "2026-06-24T11:40:04.627249Z"}, {"uuid": "78b3f41d-676b-4118-ba6e-fd7a99265e9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49839", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp4yt3of422z", "content": "CVE-2026-49839 - jq --rawfile invalid-state reuse after String too long causes heap-buffer-overflow\nCVE ID : CVE-2026-49839\n \n Published : June 25, 2026, 5:17 p.m. | 27\u00a0minutes ago\n \n Description : jq is a command-line JSON processor. Prior to 1.8.2,` jq --rawfile` can turn a ...", "creation_timestamp": "2026-06-25T17:55:22.030452Z"}]}