{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-17T06:57:25.617","vulnerabilities":[{"cve":{"id":"CVE-2026-21640","sourceIdentifier":"support@hackerone.com","published":"2026-01-20T21:16:06.063","lastModified":"2026-01-30T20:17:33.390","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"HackerOne community member Faraz Ahmed (PakCyberbot) has reported a format string injection in the Revive Adserver settings. When specific character combinations are used in a setting, the admin user console could be disabled due to a fatal PHP error."},{"lang":"es","value":"El miembro de la comunidad de HackerOne Faraz Ahmed (PakCyberbot) ha informado de una inyección de cadena de formato en la configuración de Revive Adserver. Cuando se utilizan combinaciones de caracteres específicas en una configuración, la consola del usuario administrador podría deshabilitarse debido a un error fatal de PHP."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N","baseScore":2.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":1.4}],"cvssMetricV30":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","baseScore":2.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.2,"impactScore":1.4}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-134"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:aquaplatform:revive_adserver:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndIncluding":"6.0.4","matchCriteriaId":"2AA08D1C-3638-4E0D-AC58-A8527E77536F"}]}]}],"references":[{"url":"https://hackerone.com/reports/3445332","source":"support@hackerone.com","tags":["Third Party Advisory"]}]}}]}