{"vulnerability": "cve-2026-5347", "sightings": [{"uuid": "a7e07126-34d2-4936-bbbf-e30debf6afc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53471", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnx3omauls2q", "content": "CVE-2026-53471 - Migration-planner: agent api ignores jwt source_id claim\nCVE ID : CVE-2026-53471\n \n Published : June 10, 2026, 1:55 p.m. | 1\u00a0hour, 20\u00a0minutes ago\n \n Description : A flaw was found in migration-planner. The agent-API middleware processes JSON Web Tokens (JWTs) ...", "creation_timestamp": "2026-06-10T16:05:22.614816Z"}, {"uuid": "27cad08a-c3e5-4281-96f1-5efc2af2d868", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53475", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnx5aw3rxy2p", "content": "CVE-2026-53475 - Assisted-migration-agent: tls verification disabled on all vcenter connections\nCVE ID : CVE-2026-53475\n \n Published : June 10, 2026, 1:55 p.m. | 1\u00a0hour, 20\u00a0minutes ago\n \n Description : A flaw was found in assisted-migration-agent. The application hardcodes ins...", "creation_timestamp": "2026-06-10T16:33:30.604633Z"}, {"uuid": "e80507e9-2a73-4b19-a0ab-a594712c64b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53476", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mobvmc2r5y2m", "content": "\ud83d\udea8  ALERT: CVE-2026-53476\n\nCVSS 9.6/10\n\n\ud83d\udccb WHAT IT IS:\nA flaw was found in assisted-migration-agent. An unauthenticated attacker, located on the same local area network (LAN), can exploit a path traversal vulnerability. By crafting a specially designed gzipped tarball, the attacker can bypass security", "creation_timestamp": "2026-06-14T23:15:59.321544Z"}, {"uuid": "2a9157cd-f196-4630-8de2-339a1230bbcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53474", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mobvmivqxy2m", "content": "\ud83d\udea8  ALERT: CVE-2026-53474\n\nCVSS 9.6/10\n\n\ud83d\udccb WHAT IT IS:\nA flaw was found in migration-planner. A remote authenticated attacker could exploit this vulnerability by uploading a specially crafted RVTools .xlsx file. Due to improper input sanitization, malicious SQL embedded within a spreadsheet cell is ex", "creation_timestamp": "2026-06-14T23:16:06.475928Z"}, {"uuid": "10ed671b-9792-4f26-98a8-c40b1afd6834", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53470", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mobvmpno5q2m", "content": "\ud83d\udea8  ALERT: CVE-2026-53470\n\nCVSS 9.6/10\n\n\ud83d\udccb WHAT IT IS:\nA flaw was found in migration-planner. An authenticated attacker could exploit an improper access control vulnerability in the `/api/v1/sources/{id}/image-url` endpoint. This flaw allows the attacker to bypass an ownership check and obtain presign", "creation_timestamp": "2026-06-14T23:16:13.418612Z"}, {"uuid": "131862dd-c65c-420e-b1c6-4a61f22355f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53475", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mobvneo55v2k", "content": "\ud83d\udea8  ALERT: CVE-2026-53475\n\nCVSS 9.3/10\n\n\ud83d\udccb WHAT IT IS:\nA flaw was found in assisted-migration-agent. The application hardcodes insecure Transport Layer Security (TLS) connections when communicating with vCenter. This vulnerability allows a Man-in-the-Middle (MITM) attacker to intercept and harvest vCe", "creation_timestamp": "2026-06-14T23:16:35.412841Z"}, {"uuid": "7c4c3b12-3d51-467a-be3a-f8d90e3b2984", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53470", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3modpi4b34v2k", "content": "\ud83d\udea8 CRITICAL: CVE-2026-53470\n\nCVSS 9.6/10\n\n\ud83d\udccb WHAT IT IS:\nA flaw was found in migration-planner. An authenticated attacker could exploit an improper access control vulnerability in the `/api/v1/sources/{id}/image-url` endpoint. This flaw allows the attacker to bypass an ownership check and obtain presi", "creation_timestamp": "2026-06-15T16:31:52.493438Z"}, {"uuid": "8af56111-b128-4976-adc2-57d6a242e33c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53474", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3modpia5svc2b", "content": "\ud83d\udea8 CRITICAL: CVE-2026-53474\n\nCVSS 9.6/10\n\n\ud83d\udccb WHAT IT IS:\nA flaw was found in migration-planner. A remote authenticated attacker could exploit this vulnerability by uploading a specially crafted RVTools .xlsx file. Due to improper input sanitization, malicious SQL embedded within a spreadsheet cell is ", "creation_timestamp": "2026-06-15T16:32:00.176910Z"}, {"uuid": "cb9faf21-df6d-4727-b5a1-2f331337bb56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53476", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mog6lcoy6e26", "content": "\ud83d\udccc CVE-2026-53476 - A flaw was found in assisted-migration-agent. An unauthenticated attacker, located on the same local area network (LAN), can exploit a path traversal ... https://www.cyberhub.blog/cves/CVE-2026-53476", "creation_timestamp": "2026-06-16T16:07:08.975706Z"}, {"uuid": "91302140-e36d-47cf-9e24-d0add7461463", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53474", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mogaatz5ok2a", "content": "\ud83d\udccc CVE-2026-53474 - A flaw was found in migration-planner. A remote authenticated attacker could exploit this vulnerability by uploading a specially crafted RVTools .xlsx... https://www.cyberhub.blog/cves/CVE-2026-53474", "creation_timestamp": "2026-06-16T16:37:05.670117Z"}, {"uuid": "a2848707-6e6f-4a3b-9335-eebd9d220847", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53475", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mogbwkc7662z", "content": "\ud83d\udccc CVE-2026-53475 - A flaw was found in assisted-migration-agent. The application hardcodes insecure Transport Layer Security (TLS) connections when communicating with vC... https://www.cyberhub.blog/cves/CVE-2026-53475", "creation_timestamp": "2026-06-16T17:07:36.899180Z"}, {"uuid": "c4cce3d7-0436-4d1d-98ab-55c8a73c5d5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53470", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3moklfekh2s2k", "content": "\ud83d\udccc CVE-2026-53470 - A flaw was found in migration-planner. An authenticated attacker could exploit an improper access control vulnerability in the `/api/v1/sources/{id}/i... https://www.cyberhub.blog/cves/CVE-2026-53470", "creation_timestamp": "2026-06-18T10:07:09.497406Z"}, {"uuid": "cf04f9c4-717e-4a70-87ef-79edbe2d2f38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53471", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mokn2xwxmc2k", "content": "\ud83d\udccc CVE-2026-53471 - A flaw was found in migration-planner. The agent-API middleware processes JSON Web Tokens (JWTs) for authentication, but its UpdateSourceInventory and... https://www.cyberhub.blog/cves/CVE-2026-53471", "creation_timestamp": "2026-06-18T10:37:06.720614Z"}, {"uuid": "9159699f-b35e-4ff6-b16f-3bd6eeef5c39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53478", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116856686523319523", "content": "A new vulnerability with increased severity was disclosed for Dell PowerProtect Data Domain (CVE-2026-53478) https://vuldb.com/vuln/376127", "creation_timestamp": "2026-07-03T15:12:10.600903Z"}, {"uuid": "745b13cf-42f9-4e99-9ede-cfecb1dd49b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53478", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpr5aoq22i23", "content": "CVE-2026-53478 - Dell PowerProtect Data Domain OS Command Injection\nCVE ID : CVE-2026-53478\n \n Published : July 3, 2026, 2:03 p.m. | 3\u00a0hours, 43\u00a0minutes ago\n \n Description : Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8....", "creation_timestamp": "2026-07-03T18:07:47.385287Z"}, {"uuid": "7d2725f9-aebe-4b1b-a8c4-cfe24e5491cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53478", "type": "seen", "source": "https://bsky.app/profile/malwareobserver.bsky.social/post/3mpr743cwtz2e", "content": "\ud83d\udc1b VULNERABILITIES CVE Notify: \ud83d\udea8 [CVE-2026-53478](https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-...\nhttps://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities #ZeroDay #PatchManagement ", "creation_timestamp": "2026-07-03T18:41:00.407974Z"}, {"uuid": "93790e50-9bcd-4be2-89ce-dd3a54378bef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53478", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpspbdw3rk2c", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-53478 \u0432 Dell PowerProtect Data Domain: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/C064EA24-CD26-41F1-A378-FB735654D5CD", "creation_timestamp": "2026-07-04T09:02:57.046145Z"}]}