{"vulnerability": "cve-2026-5544", "sightings": [{"uuid": "0514e032-8bf0-41d2-95b7-ae860836e7db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5544", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116350571381247640", "content": "", "creation_timestamp": "2026-04-05T06:00:26.816307Z"}, {"uuid": "0631af9b-cda0-48a9-9485-772f6076be12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5544", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3miq346xudm26", "content": "", "creation_timestamp": "2026-04-05T06:00:28.825341Z"}, {"uuid": "376732b8-f075-468b-8ab7-fa514a9e549f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5544", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3miq4h7rsll2d", "content": "", "creation_timestamp": "2026-04-05T06:24:32.807556Z"}, {"uuid": "ab5000e0-31de-4ae2-95ab-9879ce95e6c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5544", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3miqdac3c2g2d", "content": "", "creation_timestamp": "2026-04-05T08:25:55.949341Z"}, {"uuid": "3da342d4-9c3a-4447-b1ec-a222540c1a19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5544", "type": "published-proof-of-concept", "source": "Telegram/7OZnwgDEu8BHlthRXYLSnk6yrSdsBNIe0Sz4W2lgvEKgNgE", "content": "", "creation_timestamp": "2026-04-05T07:15:34.000000Z"}, {"uuid": "5ee9e7b4-e210-4096-9f7e-bc7c9bff1a5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55447", "type": "published-proof-of-concept", "source": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-ccv6-r384-xp75", "content": "", "creation_timestamp": "2026-06-19T13:25:18.000000Z"}, {"uuid": "98e3bfb8-8018-4339-96d1-78d3e44eeb0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55446", "type": "published-proof-of-concept", "source": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-qwqc-p3q8-wcg9", "content": "", "creation_timestamp": "2026-06-19T13:09:48.000000Z"}, {"uuid": "18f0da16-54e6-48c9-aff8-b932eb7cb389", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55447", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3moopuvtpix24", "content": "A single poisoned document dropped into a Langflow RAG pipeline reads any file on the box, forges a login token, then runs code. CVE-2026-55447, CVSS 9.6. Patched in 1.9.2.\n\n#CVE #infosec #cybersecurity", "creation_timestamp": "2026-06-20T01:38:03.201863Z"}, {"uuid": "43e9e6b9-2666-4fdc-b7b8-135a1b97405d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55448", "type": "published-proof-of-concept", "source": "https://github.com/jdx/mise/security/advisories/GHSA-29hf-rm4x-xxph", "content": "", "creation_timestamp": "2026-06-12T17:40:16.000000Z"}, {"uuid": "64832c6d-d30d-4e70-a34f-cad1cb5dde0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55441", "type": "published-proof-of-concept", "source": "https://github.com/jdx/mise/security/advisories/GHSA-77g9-363w-rccq", "content": "", "creation_timestamp": "2026-06-12T15:56:47.000000Z"}, {"uuid": "d2c0902b-6b8e-4828-b1f6-ac63e785179e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55448", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7lljtyfl2l", "content": "CVE-2026-55448 - mise: Local credential_command executes untrusted config\nCVE ID : CVE-2026-55448\n \n Published : June 26, 2026, 4:46 p.m. | 58\u00a0minutes ago\n \n Description : mise manages dev tools like node, python, cmake, and terraform. From 2026.3.15 until 2026.6.4, mise loads...", "creation_timestamp": "2026-06-26T18:36:29.110645Z"}, {"uuid": "e60d2f11-a7bb-412c-8590-5951d5a9b32a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55447", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mp7nccqsap2n", "content": "\ud83d\udccc CVE-2026-55447 - Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, by controlling a files that are digested into the RAG, ... https://www.cyberhub.blog/cves/CVE-2026-55447", "creation_timestamp": "2026-06-26T19:07:07.485968Z"}, {"uuid": "5e029218-09f1-4165-894b-35437c86b450", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55441", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7nj3eykd2n", "content": "CVE-2026-55441 - mise: Arbitrary command execution via task-include files in an untrusted, config-less repository\nCVE ID : CVE-2026-55441\n \n Published : June 26, 2026, 4:48 p.m. | 56\u00a0minutes ago\n \n Description : mise manages dev tools like node, python, cmake, and terraform. P...", "creation_timestamp": "2026-06-26T19:10:55.166477Z"}, {"uuid": "9df87b07-8569-485e-87cd-93963c3dd87c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55441", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mpdx3k2zqp2y", "content": "CVE-2026-55441 - Critical RCE in Mise. Trust bypass via task-include files allows tera exec() before trust_check. CVSS 8.6. No patch yet. Disable task-includes or block untrusted dirs. #CVE #Mise #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-55441/", "creation_timestamp": "2026-06-28T12:12:56.211843Z"}, {"uuid": "2053d048-32e2-4198-aa4e-018cb5ac49d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55441", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mpfzi2vvym2n", "content": "\ud83d\udfe0 CVE-2026-55441 - High (8.6)\n\nmise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.4, mise's trust f...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-55441/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-29T08:01:03.532007Z"}]}