{"vulnerability": "cve-2026-52844", "sightings": [{"uuid": "0d44be9d-dd4d-4473-be01-c9d4b26dadc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-52844", "type": "published-proof-of-concept", "source": "https://github.com/caddyserver/caddy/security/advisories/GHSA-qrp7-cvwr-j2c6", "content": "", "creation_timestamp": "2026-06-08T22:24:46.000000Z"}, {"uuid": "cc790936-0072-4144-968d-8e17b38934cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-52844", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moy756hrqk2r", "content": "CVE-2026-52844 - Caddy: Windows `file_server` path authorization bypass via encoded backslash\nCVE ID : CVE-2026-52844\n \n Published : June 23, 2026, 5:50 p.m. | 1\u00a0hour, 53\u00a0minutes ago\n \n Description : Caddy is an extensible server platform that uses TLS by default. Prior to 2.1...", "creation_timestamp": "2026-06-23T20:05:07.189195Z"}, {"uuid": "50204c27-0cdd-4011-b12c-e51bf8c63dca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-52844", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3moyjjmoi3g2j", "content": "CVE-2026-52844 - Path Traversal in Caddy on Windows. CVSS 7.5. Unauthenticated remote attackers can bypass auth/deny routes protecting /private/*. Fixed in 2.11.4. Update immediately. #CVE #Caddy #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-52844/", "creation_timestamp": "2026-06-23T23:10:58.839661Z"}, {"uuid": "86408728-f049-4928-a384-a0c61e90e8cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-52844", "type": "seen", "source": "https://bsky.app/profile/netalexx.bsky.social/post/3moykdgad322x", "content": "CVE-2026-52844 is a critical path traversal vulnerability affecting Caddy", "creation_timestamp": "2026-06-23T23:25:26.472446Z"}]}