{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T06:15:46.433","vulnerabilities":[{"cve":{"id":"CVE-2026-20031","sourceIdentifier":"psirt@cisco.com","published":"2026-03-04T18:16:16.773","lastModified":"2026-03-05T19:39:11.967","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the HTML Cascading Style Sheets (CSS) module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThis vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit this vulnerability by submitting a crafted HTML file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the scanning process."},{"lang":"es","value":"Una vulnerabilidad en el módulo HTML Cascading Style Sheets (CSS) de ClamAV podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado.\n\nEsta vulnerabilidad se debe a un manejo de errores inadecuado al dividir cadenas UTF-8. Un atacante podría explotar esta vulnerabilidad al enviar un archivo HTML manipulado para ser escaneado por ClamAV en un dispositivo afectado. Un exploit exitoso podría permitir al atacante terminar el proceso de escaneo."}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Primary","description":[{"lang":"en","value":"CWE-248"}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-css-Fn4QSZ","source":"psirt@cisco.com"}]}}]}