{"vulnerability": "cve-2026-5019", "sightings": [{"uuid": "1d8f2285-cf4f-41b2-be4d-781fc71fbb96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5019", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mi5tqe2i6u2s", "content": "", "creation_timestamp": "2026-03-29T00:00:40.427396Z"}, {"uuid": "541debec-5fbd-4942-9544-916ff415047f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5019", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mi5tyngws42s", "content": "", "creation_timestamp": "2026-03-29T00:05:18.031124Z"}, {"uuid": "30eb6ae8-73e0-465b-b2ab-5561e285ba03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5019", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3minif5q4um2q", "content": "", "creation_timestamp": "2026-04-04T05:20:08.337333Z"}, {"uuid": "fa31238b-5e6f-45bc-8664-c71375577ba4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5019", "type": "published-proof-of-concept", "source": "Telegram/2ZCZ0X-U_suKs7wtR6ZGpeXrnXUtKYHoBRWUbFIBTrMUhlY", "content": "", "creation_timestamp": "2026-03-29T01:15:46.000000Z"}, {"uuid": "125c6075-809f-411a-802d-893822ce6202", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50196", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3molwuneim227", "content": "CVE-2026-50196 - Insecure Deserialization in Steeltoe. CVSS 7.5. Leads to DoS via unhandled exception in Eureka cache refresh. No patch yet. Monitor and apply workarounds. #CVE #Steeltoe #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-50196/", "creation_timestamp": "2026-06-18T23:05:10.802659Z"}, {"uuid": "8d42508b-7283-4fe1-88ce-7323694951bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50195", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mom72udh7u25", "content": "[containerd] Patch releases addressing CVE-2026-50195, CVE-2026-53488, CVE-2026-53492, CVE-2026-53489, and CVE-2026-47262", "creation_timestamp": "2026-06-19T01:31:49.293270Z"}, {"uuid": "8dcd6160-07fd-4b57-bb31-dd807fd43f50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50195", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3momyrcpuo42y", "content": "containerd patched five CRI-plugin CVEs at once across 2.3.2, 2.2.5, 2.1.9, 2.0.10 and 1.7.33, all reported by AWS. CVE-2026-50195 poisons an image tag through checkpoint import. Have you audited which restore paths your clusters actually allow?\n\n#containers", "creation_timestamp": "2026-06-19T09:11:46.135556Z"}, {"uuid": "5436a69a-9607-4fa4-9b3e-7b31abe291a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50195", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3mon3ocbcmd2e", "content": "containerd patched 1.7 through 2.3 in one coordinated drop, so managed Kubernetes everywhere now has five CVEs to clear. The riskiest, CVE-2026-50195, abuses checkpoint restore. Who owns runtime patching on your team, platform or security?\n\n#kubernetes", "creation_timestamp": "2026-06-19T10:03:46.866108Z"}, {"uuid": "126ce7b4-26f3-4228-b5c9-cf67ad733f6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50195", "type": "seen", "source": "https://bsky.app/profile/mfahlandt.bsky.social/post/3mouxgsffum2z", "content": "\u26a0\ufe0f Strimzi Kafka Operator 1.0.1 removes older CRD API support.\n- Strimzi 1.0.1: Drops v1beta2, v1beta1, v1alpha1 CRD APIs.\n- containerd: Fixes CVE-2026-50195, CVE-2026-53488.\n- Prometheus v3.5.4: Addresses GHSA-39j6-789q-qxvh.\nFull breakdown:\n\nhttps://lwcn.dev/newsletter/2026-week-26/", "creation_timestamp": "2026-06-22T13:09:18.170382Z"}, {"uuid": "795222fe-6a87-44bd-a3ff-ea50a79d1612", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50193", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moylsm4iin2j", "content": "CVE-2026-50193 - jackson-databind: Deeply nested JsonNode throws StackOverflowError for toString()\nCVE ID : CVE-2026-50193\n \n Published : June 23, 2026, 9 p.m. | 2\u00a0hours, 44\u00a0minutes ago\n \n Description : jackson-databind contains the general-purpose data-binding functionality a...", "creation_timestamp": "2026-06-23T23:51:47.707622Z"}]}