{"vulnerability": "cve-2026-5980", "sightings": [{"uuid": "b1ddb90d-22ff-472a-84f9-cf941e48967c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5980", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mj4s5okjf62m", "content": "", "creation_timestamp": "2026-04-10T07:24:51.450786Z"}, {"uuid": "e86463ac-2251-4439-95f8-0f037ab011a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5980", "type": "published-proof-of-concept", "source": "Telegram/RnbO6h7rE-8F1e1uXIlS73R4kRuAIo63byQ11pUP09Fz6LA", "content": "", "creation_timestamp": "2026-04-09T23:29:26.000000Z"}, {"uuid": "0602fe5b-aae4-45d9-95fa-807a85f5ba99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5980", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mkqwtlco2l2u", "content": "\ud83d\udccc CVE-2026-5980 - A flaw has been found in D-Link DIR-605L 2.13B01. Affected by this issue is the function formSetMACFilter of the file /goform/formSetMACFilter of the ... https://www.cyberhub.blog/cves/CVE-2026-5980", "creation_timestamp": "2026-05-01T01:07:07.438323Z"}, {"uuid": "25f089cd-7682-48ff-8cc5-54f27013ca49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59800", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq3dwalhqt22", "content": "CVE-2026-59800 - 9Router\nCVE ID : CVE-2026-59800\n \n Published : July 7, 2026, 6:19 p.m. | 55\u00a0minutes ago\n \n Description : 9Router before 0.4.44 contains an OS command injection vulnerability in the unauthenticated POST /api/tunnel/tailscale-install endpoint (this route is not ...", "creation_timestamp": "2026-07-07T19:33:50.831568Z"}, {"uuid": "9f3b34d5-5fbc-4d65-94fc-4e7aa9cdcc1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-59800", "type": "published-proof-of-concept", "source": "https://github.com/advisories/GHSA-g6g7-pvmx-m74p", "content": "", "creation_timestamp": "2026-07-07T20:35:03.190565Z"}, {"uuid": "ded08e9f-2dae-4163-bef1-4dd4738abbab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59800", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq3ic5zo3y2v", "content": "CVE-2026-59800 - 9router\nAn attacker can execute arbitrary code with root privileges on your system. This can happen if you're using the 9router package and it's running as root. To fix this, update to\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#9router #decolua #npm #CVE #infosec", "creation_timestamp": "2026-07-07T20:52:05.573398Z"}, {"uuid": "0c21b62d-a4d3-4ba6-9cf9-91b382700103", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59802", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq63ty5zuw25", "content": "CVE-2026-59802 - PasswordPusher\nCVE ID : CVE-2026-59802\n \n Published : July 8, 2026, 8:16 p.m. | 58\u00a0minutes ago\n \n Description : PasswordPusher before 2.8.1 accepts data URI schemes in URL push payloads due to insufficient validation in the valid_url function. Attackers can cr...", "creation_timestamp": "2026-07-08T21:47:24.475270Z"}, {"uuid": "cee6c298-9d8d-46ed-bc9e-1a1461a1fe8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59807", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq644wm6a726", "content": "CVE-2026-59807 - Composio SDK\nCVE ID : CVE-2026-59807\n \n Published : July 8, 2026, 8:16 p.m. | 58\u00a0minutes ago\n \n Description : Composio SDK before 0.2.32-beta.283 contains a path validation bypass vulnerability that allows attackers to read and exfiltrate sensitive files by ex...", "creation_timestamp": "2026-07-08T21:52:24.514440Z"}, {"uuid": "5dd3ea47-50a8-441a-b7e9-605380677673", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59803", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq64ouacqi2t", "content": "CVE-2026-59803 - rpcx - Denial of Service via Gzip Decompression Bomb in Wire Protocol\nCVE ID : CVE-2026-59803\n \n Published : July 8, 2026, 8:16 p.m. | 58\u00a0minutes ago\n \n Description : rpcx through 1.9.3, fixed in commit 047aec1, contains a denial-of-service vulnerability in pr...", "creation_timestamp": "2026-07-08T22:02:26.079053Z"}, {"uuid": "ffb37e97-8798-424f-b289-3d7ecb28436c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-59803", "type": "seen", "source": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-59803", "content": "", "creation_timestamp": "2026-07-09T00:15:02.866646Z"}, {"uuid": "2c51e9a3-9a0a-44b5-8ae6-ac2a9288df0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-59802", "type": "seen", "source": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-59802", "content": "", "creation_timestamp": "2026-07-09T00:15:05.198528Z"}, {"uuid": "6ae7073c-8363-4172-9eeb-23a45c052033", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-59806", "type": "seen", "source": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-59806", "content": "", "creation_timestamp": "2026-07-09T00:15:07.507082Z"}, {"uuid": "d797a49a-9b41-40fe-b922-f3150e50e0b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-59805", "type": "seen", "source": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-59805", "content": "", "creation_timestamp": "2026-07-09T00:15:09.835528Z"}, {"uuid": "4a9631cc-c322-42da-939d-bf1b140c87a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-59804", "type": "seen", "source": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-59804", "content": "", "creation_timestamp": "2026-07-09T00:15:12.117232Z"}, {"uuid": "39c85785-a74a-4777-a336-5ccc596f53c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-59807", "type": "seen", "source": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-59807", "content": "", "creation_timestamp": "2026-07-09T00:15:23.798214Z"}, {"uuid": "5154e039-b4ba-4cb9-a65c-97f2139992c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59800", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdefvegts2y", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-59800 \u0432 9Router: \u0443\u0433\u0440\u043e\u0437\u0430 OS-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0439 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/D5EDB83D-97C2-4A99-9EAB-B4565283010F", "creation_timestamp": "2026-07-11T00:03:53.896309Z"}, {"uuid": "a466c399-18c6-47d9-b655-4b87803ba99f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59801", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqkogxhj652r", "content": "CVE-2026-59801 - 9router\nAn attacker can access and manipulate provider connections without a password, potentially exposing sensitive information and disrupting service. This vulnerability affects 9Router\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#9router #decolua #CVE #infosec", "creation_timestamp": "2026-07-13T21:52:05.263959Z"}, {"uuid": "c0fe6955-a976-4527-a426-20ca8615959b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59801", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqkseylc7w2t", "content": "CVE-2026-59801 - 9Router 0.4.41 - Unauthenticated API Exposure via /api/providers\nCVE ID : CVE-2026-59801\n \n Published : July 13, 2026, 9:30 p.m. | 22\u00a0minutes ago\n \n Description : 9Router through version 0.4.41 contains an unauthenticated access vulnerability that allows remot...", "creation_timestamp": "2026-07-13T23:02:34.144766Z"}, {"uuid": "284c00b0-d163-48b0-9bc0-4f72c41f5937", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-59801", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116916802474100215", "content": "decolua 9Router &lt;=0.4.41 hit by CVE-2026-59801 (CRITICAL): Missing authentication on provider APIs lets remote attackers control connections, steal creds, or disrupt service. Restrict access &amp; monitor now. https://radar.offseq.com/threat/cve-2026-59801-missing-authentication-for-critical-0c4298ad3568d21f #OffSeq #infosec #CVE #routersecurity", "creation_timestamp": "2026-07-14T06:00:27.808773Z"}, {"uuid": "82eb707c-4357-4afa-88c2-c086dd54368e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-59801", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqljqbutrq23", "content": "decolua 9Router (&lt;=0.4.41) faces CRITICAL CVE-2026-59801: Unauthenticated API access lets attackers steal creds, redirect AI traffic, or delete connections. Restrict endpoints &amp; monitor activity. https://radar.offseq.com/threat/cve-2026-59801-missing-authentication-for-critical-0c4298ad3568d21f #...", "creation_timestamp": "2026-07-14T06:00:29.501993Z"}, {"uuid": "4fbf825c-d1a8-48ad-a95f-b8eb974fc751", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59801", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-59801.yaml", "content": "", "creation_timestamp": "2026-07-15T09:00:03.629156Z"}, {"uuid": "aee04713-3afe-4449-8adc-cb49c785d864", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59801", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-59801.yaml", "content": "", "creation_timestamp": "2026-07-16T00:00:03.138178Z"}, {"uuid": "aad14e7d-1859-4dcf-a2be-c3f4867b2559", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59801", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-59801.yaml", "content": "", "creation_timestamp": "2026-07-17T00:00:04.087668Z"}]}