{"vulnerability": "cve-2026-5278", "sightings": [{"uuid": "1ed9f9d1-0c7e-40b4-8a59-4fa04c4052b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5278", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3migz4pr57x2d", "content": "", "creation_timestamp": "2026-04-01T15:31:01.416393Z"}, {"uuid": "7aefac9e-5bcf-402a-9987-eb16dda5fb28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-5278", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0385/", "content": "", "creation_timestamp": "2026-03-31T17:00:00.000000Z"}, {"uuid": "d5795126-dcf1-4e62-b11a-ebf51c8c8c25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-5278", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities_20260402", "content": "", "creation_timestamp": "2026-04-01T18:00:00.000000Z"}, {"uuid": "4ce656f3-83d7-4a75-851e-e420680d6b4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5278", "type": "seen", "source": "Telegram/0Pt1cki95fA53ajnnsK8Av3dKVeZdTqxfrxRx4frF74hO10", "content": "", "creation_timestamp": "2026-04-01T15:25:49.000000Z"}, {"uuid": "f41e7a94-bb65-4f98-bd26-2319f71868f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-52784", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mpa2zyry4n26", "content": "CVE-2026-52784 - Critical CSRF in OpenProject. Attackers can escalate privileges via /users/:id. CVSS 8.8. Update to 17.3.3 or 17.4.1 immediately. #CVE #OpenProject #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-52784/", "creation_timestamp": "2026-06-26T23:13:00.254906Z"}, {"uuid": "e5ee954c-2fa1-45b8-93fe-c3178b58ad6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-52784", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpa3nmpsxo27", "content": "CVE-2026-52784 - OpenProject: CSRF on TARGET through /users/:id via POST parameter \"user[admin]\"\nCVE ID : CVE-2026-52784\n \n Published : June 26, 2026, 6:56 p.m. | 4\u00a0hours, 15\u00a0minutes ago\n \n Description : OpenProject is open-source, web-based project management software. Prior ...", "creation_timestamp": "2026-06-26T23:23:58.770725Z"}, {"uuid": "21a9f3da-49f8-422d-8513-79557a0f5d66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-52783", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpa3tm22wn2s", "content": "CVE-2026-52783 - OpenProject: Information Disclosure (cleartext storage of data) on localhost through memcached via Others \"storage. .httpx_access_token\" leads to Sensitive Data Exposure\nCVE ID : CVE-2026-52783\n \n Published : June 26, 2026, 6:57 p.m. | 4\u00a0hours, 13\u00a0minutes ago\n...", "creation_timestamp": "2026-06-26T23:27:19.950600Z"}, {"uuid": "2116f3e1-3eec-4bc9-9089-f12e9d9690b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-52780", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpa42cxqt52c", "content": "CVE-2026-52780 - OpenProject: Cache store poisoning leads to Remote Code Execution (RCE)\nCVE ID : CVE-2026-52780\n \n Published : June 26, 2026, 7:09 p.m. | 4\u00a0hours, 2\u00a0minutes ago\n \n Description : OpenProject is open-source, web-based project management software. Prior to 17.3.3...", "creation_timestamp": "2026-06-26T23:31:07.016960Z"}, {"uuid": "2872e77e-7e1b-4b81-8406-800e415c4cfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-52785", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpa4twxjql23", "content": "CVE-2026-52785 - OpenProject: SQL injection in timestamps functionality\nCVE ID : CVE-2026-52785\n \n Published : June 26, 2026, 6:54 p.m. | 4\u00a0hours, 17\u00a0minutes ago\n \n Description : OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, the...", "creation_timestamp": "2026-06-26T23:45:24.586457Z"}, {"uuid": "b43f5d4e-fe31-41dc-a3ac-b2f13a84dd04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-52782", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpa54vks5o2c", "content": "CVE-2026-52782 - OpenProject: IDOR through /projects/ /settings/project_storages/ via PATCH parameter \"storages_project_storage[project_folder_id]\" leads to Access to Unauthorized Resources\nCVE ID : CVE-2026-52782\n \n Published : June 26, 2026, 6:59 p.m. | 4\u00a0hours, 12\u00a0minutes a...", "creation_timestamp": "2026-06-26T23:50:25.081424Z"}, {"uuid": "a941991a-a91c-4d7d-9e68-207c360d39f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-52785", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mpenuzqf3u2x", "content": "\ud83d\udd34 CVE-2026-52785 - Critical (9.9)\n\nOpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, th...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-52785/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-28T19:00:54.718527Z"}, {"uuid": "db65632e-919d-41a2-90be-91f54fc5a965", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-52780", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mpenvjmkmg2v", "content": "\ud83d\udd34 CVE-2026-52780 - Critical (9.6)\n\nOpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, ca...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-52780/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-28T19:01:10.960856Z"}, {"uuid": "9fbae03c-3c8e-4d4f-b664-8cc4b0b5ed22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-52782", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mper7mwwdo2x", "content": "\ud83d\udd34 CVE-2026-52782 - Critical (9.9)\n\nOpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, th...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-52782/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-28T20:00:31.601377Z"}, {"uuid": "34c96109-036e-4f57-a2cc-15d7054ca57b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-52783", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mper7ufns52x", "content": "\ud83d\udfe0 CVE-2026-52783 - High (8.2)\n\nOpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, Op...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-52783/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-28T20:00:39.163928Z"}, {"uuid": "aedf21da-ecd6-48ce-bbf5-3c8172f917fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-52784", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mpera3svdj2s", "content": "\ud83d\udfe0 CVE-2026-52784 - High (8.8)\n\nOpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, th...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-52784/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-28T20:00:47.562848Z"}]}