{"vulnerability": "cve-2026-5994", "sightings": [{"uuid": "0cd272a7-5ebf-4e7f-baab-e83d280b1e04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5994", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mj4ct7u4dc2o", "content": "", "creation_timestamp": "2026-04-10T02:50:33.889581Z"}, {"uuid": "c2c292e5-2a8a-43e1-bd80-4afdd1cb033c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5994", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mj4k4hr7cj2p", "content": "", "creation_timestamp": "2026-04-10T05:01:00.851666Z"}, {"uuid": "d30d493a-8506-484c-9ccd-b350e0e5ba6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5994", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116378883078030003", "content": "", "creation_timestamp": "2026-04-10T06:00:28.929190Z"}, {"uuid": "489203a5-2580-4c18-b8f4-d0f680c9731c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5994", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mj4ngufut62y", "content": "", "creation_timestamp": "2026-04-10T06:00:31.342162Z"}, {"uuid": "513bfd56-414c-4d79-83fc-2a0b982517e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5994", "type": "published-proof-of-concept", "source": "Telegram/Fvik4eX2xz-nzJuB7IaHT1kkv6IwgWipFYk1oHJ2HiAA0EI", "content": "", "creation_timestamp": "2026-04-10T03:17:30.000000Z"}, {"uuid": "363659aa-9449-4100-bb61-27107dd244c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59948", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mqmcwqc74x2m", "content": "PHP Composer patched three flaws, including CVE-2026-59948, an arbitrary file write that can run code outside your project. Update to 2.10.2 or 2.2.29.\n\n#PHPComposer #Composer #ArbitraryFileWrite #SupplyChain #CVE #PHP #DevSecOps #InfoSec", "creation_timestamp": "2026-07-14T13:31:29.749020Z"}, {"uuid": "c7d5cfaa-2b53-4b0b-86d6-3c8ada13bf30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59948", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mqofbaoful27", "content": "CVE-2026-59948: PHP Composer\u306e\u8106\u5f31\u6027\u306b\u3088\u308a\u3001\u30d1\u30c3\u30b1\u30fc\u30b8\u304c\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u30b3\u30f3\u30c6\u30ad\u30b9\u30c8\u5916\u3067\u30b3\u30fc\u30c9\u3092\u5b9f\u884c\u3067\u304d\u308b \n\nCVE-2026-59948: PHP Composer Flaw Lets Packages Execute Code Outside the Project Context  #DailyCyberSecurity (Jul 14)\n\nsecurityonline.info/php-composer...", "creation_timestamp": "2026-07-15T09:18:28.821063Z"}]}