{"vulnerability": "cve-2026-4987", "sightings": [{"uuid": "65e39bfc-c8e5-4997-a986-eaa2b3729402", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4987", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mi3tfi5rvw2o", "content": "", "creation_timestamp": "2026-03-28T04:49:15.236609Z"}, {"uuid": "70965fcc-5869-4331-8b3a-5dedee18a483", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4987", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mi3ka6v5k327", "content": "", "creation_timestamp": "2026-03-28T02:05:14.161720Z"}, {"uuid": "5a7c7ca5-2b0d-45ce-beb7-d8d585bd114c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-4987", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116305273346870948", "content": "", "creation_timestamp": "2026-03-28T06:00:34.394432Z"}, {"uuid": "f044d409-b166-4934-a12f-59f33959ef7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-4987", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116309400818400329", "content": "", "creation_timestamp": "2026-03-28T23:30:14.827775Z"}, {"uuid": "7ee24d25-9675-40b2-9a5f-4928379172de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-4987", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mi3xezlxof26", "content": "", "creation_timestamp": "2026-03-28T06:00:35.408771Z"}, {"uuid": "b3284866-c330-4ceb-aa59-d47e6a810762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49875", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mnzq3qks772t", "content": "CVE-2026-49875: Apache CXF: XML External Entity (XXE) Injection in W3CMultiSchemaFactory and EndpointReferenceUtils", "creation_timestamp": "2026-06-11T17:15:57.338657Z"}, {"uuid": "c3140ced-4211-400f-9537-46a8fc74e7fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4987", "type": "seen", "source": "Telegram/HQHk6b46qFnTAF0zr_kYdi4jZ1-94Qa5IEvzqYOSjpwlfy8", "content": "", "creation_timestamp": "2026-03-28T03:16:54.000000Z"}, {"uuid": "10eadd50-2caa-4e11-927d-184beb938192", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49875", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3modpy476mu2v", "content": "\ud83d\udea8 CRITICAL ALERT: CVE-2026-49875\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nApache CXF's EndpointReferenceUtils and W3CMultiSchemaFactory classes construct a SAXParserFactory without the necessary JAXP hardening configurations, enabling out-of-band (OOB) \nexternal entity resolution.\u00a0Users are recommended to upgrad", "creation_timestamp": "2026-06-15T16:40:32.796970Z"}]}