{
  "type": "bundle",
  "id": "bundle--082ea597-947c-4cc3-b789-5e32844631da",
  "objects": [
    {
      "type": "report",
      "spec_version": "2.1",
      "id": "report--01af864b-d6ef-493b-94a7-276f04ee3d08",
      "created": "2026-04-20T09:05:57.000Z",
      "modified": "2026-04-20T09:05:57.000Z",
      "name": "Nginx UI security advisory (AV26-360)",
      "description": "Serial number: AV26-360 Date: April 16, 2026 On April 10, 2026, Nginx UI published a security advisory to address a critical vulnerability in the following product: Nginx UI \u2013 version v2.3.5 and prior Open-source reporting indicates that the CVE-2026-33032 vulnerability is being exploited in the wild. The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates, when available. Nginx UI - CVE-2026-33032 NVD - CVE-2026-33032 Detail",
      "published": "2026-04-16T15:06:47.000Z",
      "report_types": [
        "threat-report"
      ],
      "object_refs": [
        "vulnerability--ae9f11c4-8f62-4824-9ca7-9f43d337ff0f",
        "attack-pattern--1fd75093-d01d-4960-a096-0bcb77f87de3"
      ],
      "external_references": [
        {
          "source_name": "Canadian Centre for Cyber Security",
          "url": "https://cyber.gc.ca/en/alerts-advisories/nginx-ui-security-advisory-av26-360",
          "description": "Nginx UI security advisory (AV26-360)"
        }
      ],
      "labels": []
    },
    {
      "type": "vulnerability",
      "spec_version": "2.1",
      "id": "vulnerability--ae9f11c4-8f62-4824-9ca7-9f43d337ff0f",
      "created": "2026-04-20T09:05:57.000Z",
      "modified": "2026-04-20T09:05:57.000Z",
      "name": "CVE-2026-33032",
      "external_references": [
        {
          "source_name": "cve",
          "external_id": "CVE-2026-33032",
          "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33032"
        }
      ]
    },
    {
      "type": "attack-pattern",
      "spec_version": "2.1",
      "id": "attack-pattern--1fd75093-d01d-4960-a096-0bcb77f87de3",
      "created": "2026-04-20T09:05:57.000Z",
      "modified": "2026-04-20T09:05:57.000Z",
      "name": "Command and Scripting Interpreter",
      "external_references": [
        {
          "source_name": "mitre-attack",
          "external_id": "T1059",
          "url": "https://attack.mitre.org/techniques/T1059/"
        }
      ],
      "kill_chain_phases": [
        {
          "kill_chain_name": "mitre-attack",
          "phase_name": "execution"
        }
      ]
    }
  ]
}