{"resultsPerPage":277,"startIndex":0,"totalResults":277,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-28T19:25:46.434","vulnerabilities":[{"cve":{"id":"CVE-2015-2808","sourceIdentifier":"cve@mitre.org","published":"2015-04-01T02:00:35.097","lastModified":"2026-05-28T14:16:16.170","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the \"Bar Mitzvah\" issue."},{"lang":"es","value":"El algoritmo RC4, utilizado en el protocolo TLS y el protocolo SSL, no combina correctamente los datos de estados con los datos de claves durante la fase de inicialización, lo que facilita a atacantes remotos realizar ataques de recuperación de texto claro contra los bytes iniciales de un flujo mediante la captura de trafico de la red que ocasionalmente depende de claves afectadas por la debilidad de la invariabilidad (Invariance Weakness), y posteriormente utilizar un acercamiento de fuerza bruta que involucra valores LSB, también conocido como el problema de 'Bar Mitzvah'."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-327"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-327"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_application_session_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndIncluding":"3.9.0","matchCriteriaId":"C306035B-10B2-4BC5-B6DE-194BE343DA8E"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_policy_management:*:*:*:*:*:*:*:*","versionEndExcluding":"9.9.2","matchCriteriaId":"D3AB62FE-AB1A-4162-8A51-E34EDE33DD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*","matchCriteriaId":"911FBD5E-213D-482F-81A9-C3B8CE7D903A"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:http_server:11.1.1.9.0:*:*:*:*:*:*:*","matchCriteriaId":"EBD2676F-EE9D-4462-ABA5-C11CE726849C"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:http_server:12.1.3.0.0:*:*:*:*:*:*:*","matchCriteriaId":"6505AE29-5091-4C72-AF6B-932DEF53A8D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:http_server:12.2.1.1.0:*:*:*:*:*:*:*","matchCriteriaId":"4EC475C1-A339-4C49-B6BA-A0E4D6FDF5DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:http_server:12.2.1.2.0:*:*:*:*:*:*:*","matchCriteriaId":"38A45A86-3B7E-4245-B717-2A6E868BE6BE"},{"vulnerable":true,"criteria":"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndIncluding":"3.2.11","matchCriteriaId":"24EDBB8B-1AFB-498D-B78C-7BC72B8C1085"},{"vulnerable":true,"criteria":"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndIncluding":"4.0.4","matchCriteriaId":"F3024389-3D4A-4E19-BE42-DAF9EA51D471"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"16F59A04-14CF-49E2-9973-645477EA09DA"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*","matchCriteriaId":"85EA16E0-9261-45C4-840F-5366E9EAC5E1"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","matchCriteriaId":"133AAFA7-AF42-4D7B-8822-AA2E85611BF5"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","matchCriteriaId":"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","matchCriteriaId":"33C068A4-3780-4EAB-A937-6082DF847564"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:*","matchCriteriaId":"319EC0C6-94C5-494A-9C5D-DC5124DFC8E1"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:7.1:*:*:*:*:*:*:*","matchCriteriaId":"A67A7B7A-998D-4B8C-8831-6E58406565FE"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*","matchCriteriaId":"AE1D81A1-CD24-4B17-8AFD-DC95E90AD7D0"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*","matchCriteriaId":"807C024A-F8E8-4B48-A349-4C68CD252CA1"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*","matchCriteriaId":"F96E3779-F56A-45FF-BB3D-4980527D721E"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*","matchCriteriaId":"0CF73560-2F5B-4723-A8A1-9AADBB3ADA00"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*","matchCriteriaId":"5BF3C7A5-9117-42C7-BEA1-4AA378A582EF"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*","matchCriteriaId":"83737173-E12E-4641-BC49-0BD84A6B29D0"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","matchCriteriaId":"54D669D4-6D7E-449D-80C1-28FA44F06FFE"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","matchCriteriaId":"9BBCD86A-E6C7-4444-9D74-F861084090F0"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","matchCriteriaId":"51EF4996-72F4-4FA4-814F-F5991E7A8318"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*","matchCriteriaId":"16E6D998-B41D-4B49-9E00-8336D2E40A4A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","matchCriteriaId":"98381E61-F082-4302-B51F-5648884F998B"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","matchCriteriaId":"D99A687E-EAE6-417E-A88E-D0082BC194CD"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","matchCriteriaId":"B353CE99-D57C-465B-AAB0-73EF581127D1"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*","matchCriteriaId":"7431ABC1-9252-419E-8CC1-311B41360078"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","matchCriteriaId":"24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","matchCriteriaId":"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*","matchCriteriaId":"17F256A9-D3B9-4C72-B013-4EFD878BFEA8"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","matchCriteriaId":"D0AC5CD5-6E58-433C-9EB3-6DFE5656463E"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","matchCriteriaId":"E5ED5807-55B7-47C5-97A6-03233F4FBC3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","matchCriteriaId":"825ECE2D-E232-46E0-A047-074B34DB1E97"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*","matchCriteriaId":"58D3B6FD-B474-4B09-B644-A8634A629280"},{"vulnerable":true,"criteria":"cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*","matchCriteriaId":"F892F1B0-514C-42F7-90AE-12ACDFDC1033"},{"vulnerable":true,"criteria":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","matchCriteriaId":"A10BC294-9196-425F-9FB0-B1625465B47F"},{"vulnerable":true,"criteria":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","matchCriteriaId":"03117DF1-3BEC-4B8D-AD63-DBBDB2126081"},{"vulnerable":true,"criteria":"cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*","matchCriteriaId":"3ED68ADD-BBDA-4485-BC76-58F011D72311"},{"vulnerable":true,"criteria":"cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*","matchCriteriaId":"17D4B6F2-514D-4BC2-B2C5-4E2FCCAC594C"},{"vulnerable":true,"criteria":"cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*","matchCriteriaId":"D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9"},{"vulnerable":true,"criteria":"cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*","matchCriteriaId":"35BBD83D-BDC7-4678-BE94-639F59281139"},{"vulnerable":true,"criteria":"cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:*","matchCriteriaId":"67960FB9-13D1-4DEE-8158-31BF31BCBE6F"},{"vulnerable":true,"criteria":"cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*","matchCriteriaId":"CB6476C7-03F2-4939-AB85-69AA524516D9"},{"vulnerable":true,"criteria":"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*","matchCriteriaId":"2470C6E8-2024-4CF5-9982-CFF50E88EAE9"},{"vulnerable":true,"criteria":"cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*","matchCriteriaId":"15FC9014-BD85-4382-9D04-C0703E901D7A"},{"vulnerable":true,"criteria":"cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*","matchCriteriaId":"2F7F8866-DEAD-44D1-AB10-21EE611AA026"},{"vulnerable":true,"criteria":"cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*","matchCriteriaId":"1831D45A-EE6E-4220-8F8C-248B69520948"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:suse:manager:1.7:*:*:*:*:*:*:*","matchCriteriaId":"2C9E2D37-9F56-49E0-BB28-56FB755CE078"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*","matchCriteriaId":"88D6E858-FD8F-4C55-B7D5-CEEDA2BBA898"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","matchCriteriaId":"8D305F7A-D159-4716-AB26-5E38BB5CD991"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","matchCriteriaId":"815D70A8-47D3-459C-A32C-9FEACA0659D1"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","matchCriteriaId":"F38D3B7E-8429-473F-BB31-FC3583EE5A5B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*","matchCriteriaId":"D4840254-CC76-4113-BC61-360BD15582B9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","matchCriteriaId":"1D8B549B-E57B-4DFE-8A13-CAB06B5356B3"},{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","matchCriteriaId":"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fujitsu:sparc_enterprise_m3000_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"xcp","versionEndExcluding":"xcp_1121","matchCriteriaId":"9DBE3B60-DED8-4F47-A60F-410ECB873BAE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fujitsu:sparc_enterprise_m3000:-:*:*:*:*:*:*:*","matchCriteriaId":"AB54B753-F066-4387-B0C3-43E647A42EBE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fujitsu:sparc_enterprise_m4000_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"xcp","versionEndExcluding":"xcp_1121","matchCriteriaId":"5BBD38A2-1B17-4B28-9FE1-6D62A6337C12"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fujitsu:sparc_enterprise_m4000:-:*:*:*:*:*:*:*","matchCriteriaId":"1846C0CA-AE13-435F-BF91-EEE0CC311DD5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fujitsu:sparc_enterprise_m5000_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"xcp","versionEndExcluding":"xcp_1121","matchCriteriaId":"5884F45B-F822-46B9-A0DC-6B59A3C3E7E0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fujitsu:sparc_enterprise_m5000:-:*:*:*:*:*:*:*","matchCriteriaId":"C2EDCD99-9677-45A7-9221-3A6A41917A7C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fujitsu:sparc_enterprise_m8000_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"xcp","versionEndExcluding":"xcp_1121","matchCriteriaId":"9ED7A13F-9510-4FA0-96A6-D2D34D49545F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fujitsu:sparc_enterprise_m8000:-:*:*:*:*:*:*:*","matchCriteriaId":"9581ABD4-5ED6-4EC5-8A0B-1D7A449C10D5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fujitsu:sparc_enterprise_m9000_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"xcp","versionEndExcluding":"xcp_1121","matchCriteriaId":"0C4C1EC1-19BE-4E1E-8F56-47A83AD0410D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fujitsu:sparc_enterprise_m9000:-:*:*:*:*:*:*:*","matchCriteriaId":"0A2CEAD6-9F8C-411C-9107-BA858CB8A31B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:e6000_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"075D228F-B3F3-44A0-9C93-510E2EF7BE16"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:e6000:-:*:*:*:*:*:*:*","matchCriteriaId":"1F66D29E-0B7F-45D3-BECC-21952F4A4850"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:e9000_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CA0AE74D-A6FC-44A1-80D4-CB5039FD31AC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:e9000:-:*:*:*:*:*:*:*","matchCriteriaId":"741F1B4C-D77D-416F-B6D9-0359F391D96F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:oceanstor_18500_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"929D8B7A-4535-49EA-9DD6-AB83174337AA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:oceanstor_18500:-:*:*:*:*:*:*:*","matchCriteriaId":"B7AAE27E-EB13-43E2-A7F4-7973977AD936"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:oceanstor_18800_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8E00020C-C1FB-425B-B285-BCF7450F76B0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:oceanstor_18800:-:*:*:*:*:*:*:*","matchCriteriaId":"B196FDFF-8A1D-4E7D-895A-1D09ADACC396"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:oceanstor_18800f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"47CA0343-7F2A-45BE-B7A2-8F91F31C0912"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:oceanstor_18800f:-:*:*:*:*:*:*:*","matchCriteriaId":"4E675B6C-C847-486F-8946-F98E271E1DC0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:oceanstor_9000_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"45D279CD-1344-4200-B4DF-303739323D19"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:oceanstor_9000:-:*:*:*:*:*:*:*","matchCriteriaId":"AEC54023-CF84-4095-A3E8-2D6E334768E9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:oceanstor_cse_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4D5F81B5-BD6E-4B10-8EB9-AE0929E3DCE6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:oceanstor_cse:-:*:*:*:*:*:*:*","matchCriteriaId":"7E9846D2-4A8C-421E-8FE0-F6091DD2B30E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:oceanstor_hvs85t_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C2453CC3-FDD3-4C42-9D17-C231DA2D1F41"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:oceanstor_hvs85t:-:*:*:*:*:*:*:*","matchCriteriaId":"675CCB4F-BB76-45DC-9E6E-3BD279995084"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:oceanstor_s2600t_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CBD74E7B-DB83-44DF-9A0B-D2EFF346855A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:oceanstor_s2600t:-:*:*:*:*:*:*:*","matchCriteriaId":"5FFC0113-86D7-45B1-975F-B24AF1951C4A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:oceanstor_s5500t_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6E3E931B-BD89-48D1-BE5F-0BDBF78914C0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:oceanstor_s5500t:-:*:*:*:*:*:*:*","matchCriteriaId":"F36770F0-2E40-42FF-BD7B-7AE2C84E62A2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:oceanstor_s5600t_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"63E1D8ED-A4EC-46B4-A0C0-8F46262F1D2F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:oceanstor_s5600t:-:*:*:*:*:*:*:*","matchCriteriaId":"6830C365-357D-41A3-8AA7-3B4854260762"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:oceanstor_s5800t_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7A307235-4B7B-40EE-807A-9C8FFD8DF72C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:oceanstor_s5800t:-:*:*:*:*:*:*:*","matchCriteriaId":"866A8777-DB2A-4915-8DA6-1AF751742354"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:oceanstor_s6800t_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"488319BB-6D39-4AA5-85A8-840EF46227F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:oceanstor_s6800t:-:*:*:*:*:*:*:*","matchCriteriaId":"C1F50E5B-8733-43AB-B6CF-66AC7305E2DB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:oceanstor_vis6600t_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0BC3C090-EB04-4A0D-8644-51002CF2ABF5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:oceanstor_vis6600t:-:*:*:*:*:*:*:*","matchCriteriaId":"4D0988C3-BAE5-4B5A-92FC-9D275B4DE9F5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:quidway_s9300_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4F01C05D-6937-4FAD-A0E1-6168EE1D7CE4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:quidway_s9300:-:*:*:*:*:*:*:*","matchCriteriaId":"2E756FE8-F106-4BFD-B33B-CC198363D2FD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:s7700_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CF102265-497A-4766-80C8-323D511B4EAF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*","matchCriteriaId":"8769C2C4-E333-432B-8943-CFDFAE013379"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:s7700_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CF102265-497A-4766-80C8-323D511B4EAF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*","matchCriteriaId":"8769C2C4-E333-432B-8943-CFDFAE013379"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:9700_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4A3C463F-2C0B-4269-95ED-A578C01E0F55"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:9700:-:*:*:*:*:*:*:*","matchCriteriaId":"D2A9F6EB-8B6E-465C-B441-C4861771861E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:9700_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4A3C463F-2C0B-4269-95ED-A578C01E0F55"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:9700:-:*:*:*:*:*:*:*","matchCriteriaId":"D2A9F6EB-8B6E-465C-B441-C4861771861E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:s12700_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"89D69269-4251-4CE9-AD67-4968A917C1E0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*","matchCriteriaId":"138C1E57-176C-46B1-9704-D9C8391CC802"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:s12700_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"89D69269-4251-4CE9-AD67-4968A917C1E0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*","matchCriteriaId":"138C1E57-176C-46B1-9704-D9C8391CC802"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:s2700_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"540F0482-7F5E-4688-B282-97A6576E0A6D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*","matchCriteriaId":"DD2CD071-58E4-4061-8217-990453213470"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:s3700_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"789A2B2D-99B1-4AA5-BB39-65D58D8B59B0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:s3700:-:*:*:*:*:*:*:*","matchCriteriaId":"B7F84390-E120-406B-967D-B473EB110EA9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:s5700ei_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B9FD39BD-0D24-4C1E-969C-C9509AE8A0D8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:s5700ei:-:*:*:*:*:*:*:*","matchCriteriaId":"1B0BE6C3-1FB2-4718-AA9D-1A8D8663C195"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:s5700hi_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"409A4E21-B8D8-445F-A9C4-3CDA73189CA9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:s5700hi:-:*:*:*:*:*:*:*","matchCriteriaId":"ED775342-B93C-4DF9-BC62-B6BE549F1B29"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:s5700si_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"31FB20E5-4830-411C-AE4B-6B2E180C0972"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:s5700si:-:*:*:*:*:*:*:*","matchCriteriaId":"24C4DC87-DE8C-461F-A555-F6E9A71C1C48"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:s5710ei_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"95E7ABCB-D0C0-4C18-A7AC-8C1EBD5E4E87"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:s5710ei:-:*:*:*:*:*:*:*","matchCriteriaId":"A2D59F3D-CC4A-4ADD-B83C-5CE3F0546622"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:s5710hi_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"065508F6-D026-4C99-B6F9-AE25CB1124D3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:s5710hi:-:*:*:*:*:*:*:*","matchCriteriaId":"4DFF0F26-CDF2-49B0-AED7-EEA4B9E99E8C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:s6700_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"86E35CBD-4488-4E64-BEA2-A2E89A4BB9E2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*","matchCriteriaId":"DA7AC10D-B0DD-4206-8642-134DDD585C06"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:s2750_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A0C6E3C4-5677-49B6-9D35-FAC2E550F311"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:s2750:-:*:*:*:*:*:*:*","matchCriteriaId":"B7859972-B7B8-4619-AAED-22B6B14852BC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:s5700li_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1755FB01-C830-4147-B0BF-7D422A7D2181"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:s5700li:-:*:*:*:*:*:*:*","matchCriteriaId":"21B89917-2B3D-4BA5-8836-ADEECF46E976"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:s5700s-li_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8DF808C1-3081-4FC7-8661-FBF6A04761B6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:s5700s-li:-:*:*:*:*:*:*:*","matchCriteriaId":"86FFC3BE-77A0-4202-9AE0-06D8D67F6539"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:s5720hi_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8A960DA7-8B35-43B3-B15F-F3F7E14BF308"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:s5720hi:-:*:*:*:*:*:*:*","matchCriteriaId":"CB64BC36-693E-4101-9C13-4A4C572A4EDE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:s2750_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A0C6E3C4-5677-49B6-9D35-FAC2E550F311"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:s2750:-:*:*:*:*:*:*:*","matchCriteriaId":"B7859972-B7B8-4619-AAED-22B6B14852BC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:s5700li_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1755FB01-C830-4147-B0BF-7D422A7D2181"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:s5700li:-:*:*:*:*:*:*:*","matchCriteriaId":"21B89917-2B3D-4BA5-8836-ADEECF46E976"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:s5700s-li_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8DF808C1-3081-4FC7-8661-FBF6A04761B6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:s5700s-li:-:*:*:*:*:*:*:*","matchCriteriaId":"86FFC3BE-77A0-4202-9AE0-06D8D67F6539"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:s5720hi_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8A960DA7-8B35-43B3-B15F-F3F7E14BF308"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:s5720hi:-:*:*:*:*:*:*:*","matchCriteriaId":"CB64BC36-693E-4101-9C13-4A4C572A4EDE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:s5720ei_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6A799E13-49E1-4CFB-BB7D-5E528C7E0FE3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:s5720ei:-:*:*:*:*:*:*:*","matchCriteriaId":"D7B06975-BD37-452D-9782-B768610D3777"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:te60_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D65BF93A-9246-48CB-8510-F6B0380F48D9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*","matchCriteriaId":"999117E9-90C8-4E76-90B5-7D364C0B84BF"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:huawei:oceanstor_replicationdirector:v100r003c00:*:*:*:*:*:*:*","matchCriteriaId":"0A0D7527-BCA2-4CF5-A793-1C01F6570679"},{"vulnerable":true,"criteria":"cpe:2.3:a:huawei:policy_center:v100r003c00:*:*:*:*:*:*:*","matchCriteriaId":"95CA0A4C-2571-4593-A075-9A6A7EABBB33"},{"vulnerable":true,"criteria":"cpe:2.3:a:huawei:policy_center:v100r003c10:*:*:*:*:*:*:*","matchCriteriaId":"16D46E9E-7F34-49C4-B56F-9090157FAD6E"},{"vulnerable":true,"criteria":"cpe:2.3:a:huawei:smc2.0:v100r002c01:*:*:*:*:*:*:*","matchCriteriaId":"8D6E37DD-6CEA-443A-80C2-79E28C78D7CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:huawei:smc2.0:v100r002c02:*:*:*:*:*:*:*","matchCriteriaId":"BE1A9027-21FC-45E0-98B2-BFB8B5BE484D"},{"vulnerable":true,"criteria":"cpe:2.3:a:huawei:smc2.0:v100r002c03:*:*:*:*:*:*:*","matchCriteriaId":"EC8620BB-7730-4C8F-8B4B-21389636B3C8"},{"vulnerable":true,"criteria":"cpe:2.3:a:huawei:smc2.0:v100r002c04:*:*:*:*:*:*:*","matchCriteriaId":"D971D78C-A6F3-438D-A292-54A9A226FFE9"},{"vulnerable":true,"criteria":"cpe:2.3:a:huawei:ultravr:v100r003c00:*:*:*:*:*:*:*","matchCriteriaId":"648D923E-BF31-4DF4-B160-66874A8E45AF"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:cognos_metrics_manager:10.1:*:*:*:*:*:*:*","matchCriteriaId":"23F3243D-14BB-45F4-BBF6-DD45B8729B6B"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:cognos_metrics_manager:10.1.1:*:*:*:*:*:*:*","matchCriteriaId":"97449883-5401-42C0-8FF1-6A5BEC7BC829"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:cognos_metrics_manager:10.2:*:*:*:*:*:*:*","matchCriteriaId":"2B2DDB90-C6A1-4EE5-96F2-F0A33B2F79A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:cognos_metrics_manager:10.2.1:*:*:*:*:*:*:*","matchCriteriaId":"E43C2590-059B-43BE-BFD1-7B0D1020D324"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:cognos_metrics_manager:10.2.2:*:*:*:*:*:*:*","matchCriteriaId":"379CF92E-AFD1-4744-AC07-6A495548F121"}]}]}],"references":[{"url":"http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=143456209711959&w=2","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=143629696317098&w=2","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=143741441012338&w=2","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=143817021313142&w=2","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=143817899717054&w=2","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=143818140118771&w=2","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=144043644216842&w=2","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=144059660127919&w=2","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=144059703728085&w=2","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=144060576831314&w=2","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=144060606031437&w=2","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=144069189622016&w=2","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=144102017024820&w=2","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=144104533800819&w=2","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=144104565600964&w=2","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=144493176821532&w=2","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1006.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1007.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1020.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1021.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1091.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1228.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1229.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1230.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1241.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1242.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1243.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1526.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21883640","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www-304.ibm.com/support/docview.wss?uid=swg21903565","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www-304.ibm.com/support/docview.wss?uid=swg21960015","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www-304.ibm.com/support/docview.wss?uid=swg21960769","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.debian.org/security/2015/dsa-3316","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.debian.org/security/2015/dsa-3339","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.huawei.com/en/psirt/security-advisories/hw-454055","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html","source":"cve@mitre.org","tags":["Patch","Third Party Advisory"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/73684","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securityfocus.com/bid/91787","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1032599","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1032600","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1032707","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1032708","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1032734","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1032788","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1032858","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1032868","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1032910","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1032990","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1033071","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1033072","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1033386","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1033415","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1033431","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1033432","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1033737","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1033769","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1036222","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.ubuntu.com/usn/USN-2696-1","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.ubuntu.com/usn/USN-2706-1","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://kb.juniper.net/JSA10783","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10163","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://security.gentoo.org/glsa/201512-10","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf","source":"cve@mitre.org","tags":["Technical Description","Third Party Advisory"]},{"url":"https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/","source":"cve@mitre.org"},{"url":"http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=143456209711959&w=2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=143629696317098&w=2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=143741441012338&w=2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=143817021313142&w=2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=143817899717054&w=2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=143818140118771&w=2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=144043644216842&w=2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=144059660127919&w=2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=144059703728085&w=2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=144060576831314&w=2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=144060606031437&w=2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=144069189622016&w=2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=144102017024820&w=2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=144104533800819&w=2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=144104565600964&w=2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://marc.info/?l=bugtraq&m=144493176821532&w=2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1006.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1007.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1020.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1021.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1091.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1228.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1229.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1230.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1241.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1242.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1243.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2015-1526.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21883640","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www-304.ibm.com/support/docview.wss?uid=swg21903565","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www-304.ibm.com/support/docview.wss?uid=swg21960015","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www-304.ibm.com/support/docview.wss?uid=swg21960769","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www.debian.org/security/2015/dsa-3316","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www.debian.org/security/2015/dsa-3339","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www.huawei.com/en/psirt/security-advisories/hw-454055","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/73684","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securityfocus.com/bid/91787","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1032599","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1032600","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1032707","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1032708","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1032734","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1032788","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1032858","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1032868","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1032910","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1032990","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1033071","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1033072","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1033386","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1033415","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1033431","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1033432","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1033737","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1033769","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1036222","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.ubuntu.com/usn/USN-2696-1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www.ubuntu.com/usn/USN-2706-1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://kb.juniper.net/JSA10783","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10163","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://security.gentoo.org/glsa/201512-10","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Technical Description","Third Party Advisory"]},{"url":"https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-49894","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-10-21T18:15:11.913","lastModified":"2026-05-28T15:12:45.613","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix index out of bounds in degamma hardware format translation\n\nFixes index out of bounds issue in\n`cm_helper_translate_curve_to_degamma_hw_format` function. The issue\ncould occur when the index 'i' exceeds the number of transfer function\npoints (TRANSFER_FUNC_POINTS).\n\nThe fix adds a check to ensure 'i' is within bounds before accessing the\ntransfer function points. If 'i' is out of bounds the function returns\nfalse to indicate an error.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:594 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.red' 1025 <= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:595 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.green' 1025 <= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:596 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.blue' 1025 <= s32max"},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Corrige el índice fuera de los límites en la traducción del formato de hardware degamma Corrige el problema del índice fuera de los límites en la función `cm_helper_translate_curve_to_degamma_hw_format`. El problema podría ocurrir cuando el índice 'i' excede el número de puntos de función de transferencia (TRANSFER_FUNC_POINTS). La corrección agrega una verificación para garantizar que 'i' esté dentro de los límites antes de acceder a los puntos de función de transferencia. Si 'i' está fuera de los límites, la función devuelve falso para indicar un error. Reportado por smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:594 cm_helper_translate_curve_to_degamma_hw_format() error: desbordamiento de búfer 'output_tf->tf_pts.red' 1025 <= s32max drivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:595 cm_helper_translate_curve_to_degamma_hw_format() error: desbordamiento de búfer 'output_tf->tf_pts.green' 1025 <= s32max drivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:596 cm_helper_translate_curve_to_degamma_hw_format() error: desbordamiento de búfer 'output_tf->tf_pts.blue' 1025 <= s32max"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-129"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:simatic_s7-1500_tm_mfp_firmware:1.1:*:*:*:*:*:*:*","matchCriteriaId":"33078ADB-41E4-4DCC-BB91-78279581883E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:simatic_s7-1500_tm_mfp:-:*:*:*:*:*:*:*","matchCriteriaId":"754051AB-27D3-41CA-B2C8-79BAD48C8750"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"4.19.323","matchCriteriaId":"8AD391D2-9160-4AB6-95CE-F0E8A945DDB0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.4.285","matchCriteriaId":"B5A89369-320F-47FC-8695-56F61F87E4C0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.227","matchCriteriaId":"795A3EE6-0CAB-4409-A903-151C94ACECC0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.168","matchCriteriaId":"4D51C05D-455B-4D8D-89E7-A58E140B864C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.113","matchCriteriaId":"D01BD22E-ACD1-4618-9D01-6116570BE1EE"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.55","matchCriteriaId":"E90B9576-56C4-47BC-AAB0-C5B2D438F5D0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.10.14","matchCriteriaId":"4C16BCE0-FFA0-4599-BE0A-1FD65101C021"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.11","versionEndExcluding":"6.11.3","matchCriteriaId":"54D9C704-D679-41A7-9C40-10A6B1E7FFE9"},{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:sinec_os:*:*:*:*:*:*:*:*","versionEndExcluding":"3.2","matchCriteriaId":"FA64F29A-AD82-4C61-BA69-AC9ABF9CFEF5"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/07078fa5d589a7fbce8f81ea8acf7aa0021ab38e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/122e3a7a8c7bcbe3aacddd6103f67f9f36bed473","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2495c8e272d84685403506833a664fad932e453a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2f5da549535be8ccd2ab7c9abac8562ad370b181","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b3dfa878257a7e98830b3009ca5831a01d8f85fc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b7e99058eb2e86aabd7a10761e76cae33d22b49f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c130a3c09e3746c1a09ce26c20d21d449d039b1d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c6979719012a90e5b8e3bc31725fbfdd0b9b2b79","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f5f6d90087131812c1e4b9d3103f400f1624396d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-265688.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","tags":["Third Party Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-355557.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-49924","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-10-21T18:15:14.450","lastModified":"2026-05-28T15:12:23.970","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: pxafb: Fix possible use after free in pxafb_task()\n\nIn the pxafb_probe function, it calls the pxafb_init_fbinfo function,\nafter which &fbi->task is associated with pxafb_task. Moreover,\nwithin this pxafb_init_fbinfo function, the pxafb_blank function\nwithin the &pxafb_ops struct is capable of scheduling work.\n\nIf we remove the module which will call pxafb_remove to make cleanup,\nit will call unregister_framebuffer function which can call\ndo_unregister_framebuffer to free fbi->fb through\nput_fb_info(fb_info), while the work mentioned above will be used.\nThe sequence of operations that may lead to a UAF bug is as follows:\n\nCPU0 CPU1\n\n | pxafb_task\npxafb_remove |\nunregister_framebuffer(info) |\ndo_unregister_framebuffer(fb_info) |\nput_fb_info(fb_info) |\n// free fbi->fb | set_ctrlr_state(fbi, state)\n | __pxafb_lcd_power(fbi, 0)\n | fbi->lcd_power(on, &fbi->fb.var)\n | //use fbi->fb\n\nFix it by ensuring that the work is canceled before proceeding\nwith the cleanup in pxafb_remove.\n\nNote that only root user can remove the driver at runtime."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fbdev: pxafb: Arregla posible use after free en pxafb_task() En la función pxafb_probe, llama a la función pxafb_init_fbinfo, después de lo cual &fbi->task se asocia con pxafb_task. Además, dentro de esta función pxafb_init_fbinfo, la función pxafb_blank dentro de la estructura &pxafb_ops es capaz de programar trabajo. Si eliminamos el módulo que llamará a pxafb_remove para hacer la limpieza, llamará a la función unregister_framebuffer que puede llamar a do_unregister_framebuffer para liberar fbi->fb a través de put_fb_info(fb_info), mientras que se utilizará el trabajo mencionado anteriormente. La secuencia de operaciones que pueden llevar a un error de UAF es la siguiente: CPU0 CPU1 | pxafb_task pxafb_remove | unregister_framebuffer(info) | do_unregister_framebuffer(fb_info) | put_fb_info(fb_info) | // free fbi->fb | set_ctrlr_state(fbi, state) | __pxafb_lcd_power(fbi, 0) | fbi->lcd_power(on, &fbi->fb.var) | //use fbi->fb Solucione el problema asegurándose de cancelar el trabajo antes de continuar con la limpieza en pxafb_remove. Tenga en cuenta que solo el usuario root puede eliminar el controlador en tiempo de ejecución."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.27","versionEndExcluding":"4.19.323","matchCriteriaId":"DCE87C32-9DFD-4170-A5F4-3F27B8597055"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.4.285","matchCriteriaId":"B5A89369-320F-47FC-8695-56F61F87E4C0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.227","matchCriteriaId":"795A3EE6-0CAB-4409-A903-151C94ACECC0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.168","matchCriteriaId":"4D51C05D-455B-4D8D-89E7-A58E140B864C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.113","matchCriteriaId":"D01BD22E-ACD1-4618-9D01-6116570BE1EE"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.55","matchCriteriaId":"E90B9576-56C4-47BC-AAB0-C5B2D438F5D0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.10.14","matchCriteriaId":"4C16BCE0-FFA0-4599-BE0A-1FD65101C021"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.11","versionEndExcluding":"6.11.3","matchCriteriaId":"54D9C704-D679-41A7-9C40-10A6B1E7FFE9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/3c0d416eb4bef705f699213cee94bf54b6acdacd","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4a6921095eb04a900e0000da83d9475eb958e61e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4cda484e584be34d55ee17436ebf7ad11922b97a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6d0a07f68b66269e167def6c0b90a219cd3e7473","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a3a855764dbacbdb1cc51e15dc588f2d21c93e0e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/aaadc0cb05c999ccd8898a03298b7e5c31509b08","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e657fa2df4429f3805a9b3e47fb1a4a1b02a72bd","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e6897e299f57b103e999e62010b88e363b3eebae","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fdda354f60a576d52dcf90351254714681df4370","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2025-13954","sourceIdentifier":"vulnerability@ncsc.ch","published":"2025-12-10T09:15:46.067","lastModified":"2026-05-28T13:16:22.237","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Hard-coded cryptographic keys in Admin UI of EZCast Pro II before version 1.17478.177 allows attackers to bypass authorization checks and gain full access to the admin UI"}],"metrics":{"cvssMetricV40":[{"source":"vulnerability@ncsc.ch","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:L/U:X","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"HIGH","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"LOW","providerUrgency":"NOT_DEFINED"}}]},"weaknesses":[{"source":"vulnerability@ncsc.ch","type":"Secondary","description":[{"lang":"en","value":"CWE-798"}]}],"references":[{"url":"https://www.ncsc.admin.ch/ncsc/en/home/infos-fuer/infos-it-spezialisten/themen/schwachstelle-melden/cvd-cases/cvd-case-1-test.html","source":"vulnerability@ncsc.ch"},{"url":"https://www.nimbletech.com.tw/index.php/release-note/","source":"vulnerability@ncsc.ch"}]}},{"cve":{"id":"CVE-2025-13955","sourceIdentifier":"vulnerability@ncsc.ch","published":"2025-12-10T09:15:46.710","lastModified":"2026-05-28T13:16:22.863","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II before version 1.17478.177 allows attackers in Wi-Fi range to gain access to the dongle by calculating the default password from observable device identifiers"}],"metrics":{"cvssMetricV40":[{"source":"vulnerability@ncsc.ch","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:L/U:X","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"HIGH","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"LOW","providerUrgency":"NOT_DEFINED"}}]},"weaknesses":[{"source":"vulnerability@ncsc.ch","type":"Secondary","description":[{"lang":"en","value":"CWE-330"}]}],"references":[{"url":"https://www.ncsc.admin.ch/ncsc/en/home/infos-fuer/infos-it-spezialisten/themen/schwachstelle-melden/cvd-cases/cvd-case-1-test.html","source":"vulnerability@ncsc.ch"},{"url":"https://www.nimbletech.com.tw/index.php/release-note/","source":"vulnerability@ncsc.ch"}]}},{"cve":{"id":"CVE-2026-23300","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-03-25T11:16:25.623","lastModified":"2026-05-28T14:46:05.717","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop\n\nWhen a standalone IPv6 nexthop object is created with a loopback device\n(e.g., \"ip -6 nexthop add id 100 dev lo\"), fib6_nh_init() misclassifies\nit as a reject route. This is because nexthop objects have no destination\nprefix (fc_dst=::), causing fib6_is_reject() to match any loopback\nnexthop. The reject path skips fib_nh_common_init(), leaving\nnhc_pcpu_rth_output unallocated. If an IPv4 route later references this\nnexthop, __mkroute_output() dereferences NULL nhc_pcpu_rth_output and\npanics.\n\nSimplify the check in fib6_nh_init() to only match explicit reject\nroutes (RTF_REJECT) instead of using fib6_is_reject(). The loopback\npromotion heuristic in fib6_is_reject() is handled separately by\nip6_route_info_create_nh(). After this change, the three cases behave\nas follows:\n\n1. Explicit reject route (\"ip -6 route add unreachable 2001:db8::/64\"):\n RTF_REJECT is set, enters reject path, skips fib_nh_common_init().\n No behavior change.\n\n2. Implicit loopback reject route (\"ip -6 route add 2001:db8::/32 dev lo\"):\n RTF_REJECT is not set, takes normal path, fib_nh_common_init() is\n called. ip6_route_info_create_nh() still promotes it to reject\n afterward. nhc_pcpu_rth_output is allocated but unused, which is\n harmless.\n\n3. Standalone nexthop object (\"ip -6 nexthop add id 100 dev lo\"):\n RTF_REJECT is not set, takes normal path, fib_nh_common_init() is\n called. nhc_pcpu_rth_output is properly allocated, fixing the crash\n when IPv4 routes reference this nexthop."},{"lang":"es","value":"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nnet: ipv6: corrige el pánico cuando una ruta IPv4 referencia un nexthop IPv6 de loopback\n\nCuando se crea un objeto nexthop IPv6 independiente con un dispositivo de loopback (p. ej., 'ip -6 nexthop add id 100 dev lo'), fib6_nh_init() lo clasifica erróneamente como una ruta de rechazo. Esto se debe a que los objetos nexthop no tienen prefijo de destino (fc_dst=::), lo que hace que fib6_is_reject() coincida con cualquier nexthop de loopback. La ruta de rechazo omite fib_nh_common_init(), dejando nhc_pcpu_rth_output sin asignar. Si una ruta IPv4 referencia posteriormente este nexthop, __mkroute_output() desreferencia nhc_pcpu_rth_output NULL y entra en pánico.\n\nSimplificar la verificación en fib6_nh_init() para que solo coincida con rutas de rechazo explícitas (RTF_REJECT) en lugar de usar fib6_is_reject(). La heurística de promoción de loopback en fib6_is_reject() se maneja por separado por ip6_route_info_create_nh(). Después de este cambio, los tres casos se comportan de la siguiente manera:\n\n1. Ruta de rechazo explícita ('ip -6 route add unreachable 2001:db8::/64'):\n RTF_REJECT está configurado, entra en la ruta de rechazo, omite fib_nh_common_init().\n Sin cambio de comportamiento.\n\n2. Ruta de rechazo de loopback implícita ('ip -6 route add 2001:db8::/32 dev lo'):\n RTF_REJECT no está configurado, toma la ruta normal, se llama a fib_nh_common_init().\n ip6_route_info_create_nh() aún lo promueve a rechazo posteriormente. nhc_pcpu_rth_output se asigna pero no se usa, lo cual es inofensivo.\n\n3. Objeto nexthop independiente ('ip -6 nexthop add id 100 dev lo'):\n RTF_REJECT no está configurado, toma la ruta normal, se llama a fib_nh_common_init().\n nhc_pcpu_rth_output se asigna correctamente, corrigiendo el fallo cuando las rutas IPv4 referencian este nexthop."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.3","versionEndExcluding":"5.10.253","matchCriteriaId":"A2D2F803-8C22-4352-AD69-759DA6F15B32"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.203","matchCriteriaId":"20DDB3E9-AABF-4107-ADB0-5362AA067045"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.167","matchCriteriaId":"2EDC6BAF-B710-4E26-B6AA-D68922EE7B43"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.130","matchCriteriaId":"C57BB918-DF28-46B3-94F7-144176841267"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.77","matchCriteriaId":"B3D12E00-E42D-4056-B354-BAD4903C03A5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.17","matchCriteriaId":"A5E006E4-59C7-43C1-9231-62A72219F2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.7","matchCriteriaId":"69245D10-0B71-485E-80C3-A64F077004D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*","matchCriteriaId":"F253B622-8837-4245-BCE5-A7BF8FC76A16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*","matchCriteriaId":"4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/21ec92774d1536f71bdc90b0e3d052eff99cf093","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/607e68c1b7c5a30c795571be1906d716e989a644","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8650db85b4259d2885d2a80fbc2317ce24194133","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b299121e7453d23faddf464087dff513a495b4fc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b3b5a037d520afe3d5276e653bc0ff516bbda34c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b5062fc2150614c9ea8a611c2e0cb6e047ebfa3a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c11d7c56c2076ee9cd72004f1976fe0734df2ae9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f7c9f8e3607440fe39300efbaf46cf7b5eecb23f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-23301","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-03-25T11:16:25.803","lastModified":"2026-05-28T14:44:19.440","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SDCA: Add allocation failure check for Entity name\n\nCurrently find_sdca_entity_iot() can allocate a string for the\nEntity name but it doesn't check if that allocation succeeded.\nAdd the missing NULL check after the allocation."},{"lang":"es","value":"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nASoC: SDCA: Añadir comprobación de fallo de asignación para el nombre de la Entidad\n\nActualmente, find_sdca_entity_iot() puede asignar una cadena para el nombre de la Entidad, pero no comprueba si esa asignación tuvo éxito. Añadir la comprobación NULL faltante después de la asignación."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-252"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.7","matchCriteriaId":"69245D10-0B71-485E-80C3-A64F077004D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*","matchCriteriaId":"F253B622-8837-4245-BCE5-A7BF8FC76A16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*","matchCriteriaId":"4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/27990181031fdcdbe0f7c46011f6404e5d116386","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bdcc10a86055beb7109a786d94abf5626f375bbd","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-23302","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-03-25T11:16:25.923","lastModified":"2026-05-28T14:42:48.333","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: annotate data-races around sk->sk_{data_ready,write_space}\n\nskmsg (and probably other layers) are changing these pointers\nwhile other cpus might read them concurrently.\n\nAdd corresponding READ_ONCE()/WRITE_ONCE() annotations\nfor UDP, TCP and AF_UNIX."},{"lang":"es","value":"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nnet: anotar condiciones de carrera de datos alrededor de sk->sk_{data_ready,write_space}\n\nskmsg (y probablemente otras capas) están cambiando estos punteros mientras otras CPUs podrían leerlos concurrentemente.\n\nAñadir las correspondientes anotaciones READ_ONCE()/WRITE_ONCE() para UDP, TCP y AF_UNIX."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-362"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"6.6.136","matchCriteriaId":"6508946E-134B-4941-9550-4B3C2C1D16DD"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.82","matchCriteriaId":"02904CAE-71D2-45B3-9EC3-F6A9D18B6307"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.17","matchCriteriaId":"A5E006E4-59C7-43C1-9231-62A72219F2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.7","matchCriteriaId":"69245D10-0B71-485E-80C3-A64F077004D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*","matchCriteriaId":"F253B622-8837-4245-BCE5-A7BF8FC76A16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*","matchCriteriaId":"4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/27fccdbcbbfc4651b6f66756e6fa3f52e051ec23","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2ef2b20cf4e04ac8a6ba68493f8780776ff84300","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7ad01905831c815520f1b0486336a03bb7420465","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c494448bb522bbbb63096540eb2319101a0480ab","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f17c1c4acbe2bd702abce73a847a04a196fab2c5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-23303","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-03-25T11:16:26.060","lastModified":"2026-05-28T14:40:06.433","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Don't log plaintext credentials in cifs_set_cifscreds\n\nWhen debug logging is enabled, cifs_set_cifscreds() logs the key\npayload and exposes the plaintext username and password. Remove the\ndebug log to avoid exposing credentials."},{"lang":"es","value":"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nsmb: cliente: No registrar credenciales en texto plano en cifs_set_cifscreds\n\nCuando el registro de depuración está habilitado, cifs_set_cifscreds() registra la carga útil de la clave y expone el nombre de usuario y la contraseña en texto plano. Eliminar el registro de depuración para evitar exponer credenciales."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.3.1","versionEndExcluding":"5.10.253","matchCriteriaId":"FE4099A0-CF1A-4587-B409-7ECEFEBD0176"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.203","matchCriteriaId":"20DDB3E9-AABF-4107-ADB0-5362AA067045"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.167","matchCriteriaId":"2EDC6BAF-B710-4E26-B6AA-D68922EE7B43"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.130","matchCriteriaId":"C57BB918-DF28-46B3-94F7-144176841267"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.77","matchCriteriaId":"B3D12E00-E42D-4056-B354-BAD4903C03A5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.17","matchCriteriaId":"A5E006E4-59C7-43C1-9231-62A72219F2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.7","matchCriteriaId":"69245D10-0B71-485E-80C3-A64F077004D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:3.3:-:*:*:*:*:*:*","matchCriteriaId":"938CA222-4FA5-49B6-B828-242572B8208E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*","matchCriteriaId":"DBFD2ACD-728A-4082-BB6A-A1EF6E58E47D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*","matchCriteriaId":"C31B0E51-F62D-4053-B04F-FC4D5BC373D2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*","matchCriteriaId":"A914303E-1CB6-4AAD-9F5F-DE5433C4E814"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*","matchCriteriaId":"203BBA69-90B2-4C5E-8023-C14180742421"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*","matchCriteriaId":"0DBFAB53-B889-4028-AC0E-7E165B152A18"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*","matchCriteriaId":"FE409AEC-F677-4DEF-8EB7-2C35809043CE"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*","matchCriteriaId":"F253B622-8837-4245-BCE5-A7BF8FC76A16"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2ef0fc3bf49db2b9df36d5f44508c9e384bfa2a1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2f37dc436d4e61ff7ae0b0353cf91b8c10396e4d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3990f352bb0adc8688d0949a9c13e3110570eb61","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3e182701db612ddd794ccd5ed822e6cc1db2b972","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/54c570de9a35860dfa85fe668f23ddfda8cc7e26","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b746a357abfb8fdb0a171d51ec5091e786d34be1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e5a3b11e07b335006371915b2da47b6056c9e3bc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ff0ece8ed04180c52167c003362284b23cf54e8d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-23304","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-03-25T11:16:26.180","lastModified":"2026-05-28T14:34:35.550","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu()\n\nl3mdev_master_dev_rcu() can return NULL when the slave device is being\nun-slaved from a VRF. All other callers deal with this, but we lost\nthe fallback to loopback in ip6_rt_pcpu_alloc() -> ip6_rt_get_dev_rcu()\nwith commit 4832c30d5458 (\"net: ipv6: put host and anycast routes on\ndevice with address\").\n\n KASAN: null-ptr-deref in range [0x0000000000000108-0x000000000000010f]\n RIP: 0010:ip6_rt_pcpu_alloc (net/ipv6/route.c:1418)\n Call Trace:\n ip6_pol_route (net/ipv6/route.c:2318)\n fib6_rule_lookup (net/ipv6/fib6_rules.c:115)\n ip6_route_output_flags (net/ipv6/route.c:2607)\n vrf_process_v6_outbound (drivers/net/vrf.c:437)\n\nI was tempted to rework the un-slaving code to clear the flag first\nand insert synchronize_rcu() before we remove the upper. But looks like\nthe explicit fallback to loopback_dev is an established pattern.\nAnd I guess avoiding the synchronize_rcu() is nice, too."},{"lang":"es","value":"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nipv6: corrección de desreferencia de puntero NULL en ip6_rt_get_dev_rcu()\n\nl3mdev_master_dev_rcu() puede devolver NULL cuando el dispositivo esclavo está siendo desasociado de un VRF. Todos los demás llamadores manejan esto, pero perdimos la alternativa a loopback en ip6_rt_pcpu_alloc() -> ip6_rt_get_dev_rcu() con el commit 4832c30d5458 ('net: ipv6: put host and anycast routes on device with address').\n\n KASAN: desreferencia de puntero nulo en el rango [0x0000000000000108-0x000000000000010f]\n RIP: 0010:ip6_rt_pcpu_alloc (net/ipv6/route.c:1418)\n Traza de Llamadas:\n ip6_pol_route (net/ipv6/route.c:2318)\n fib6_rule_lookup (net/ipv6/fib6_rules.c:115)\n ip6_route_output_flags (net/ipv6/route.c:2607)\n vrf_process_v6_outbound (drivers/net/vrf.c:437)\n\nMe sentí tentado a reelaborar el código de desasociación para borrar la bandera primero e insertar synchronize_rcu() antes de que eliminemos el superior. Pero parece que la alternativa explícita a loopback_dev es un patrón establecido. Y supongo que evitar el synchronize_rcu() también es bueno."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"5.10.253","matchCriteriaId":"7144BCBC-124B-49FA-8BCC-259910F77E5A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.203","matchCriteriaId":"20DDB3E9-AABF-4107-ADB0-5362AA067045"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.167","matchCriteriaId":"2EDC6BAF-B710-4E26-B6AA-D68922EE7B43"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.130","matchCriteriaId":"C57BB918-DF28-46B3-94F7-144176841267"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.77","matchCriteriaId":"B3D12E00-E42D-4056-B354-BAD4903C03A5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.17","matchCriteriaId":"A5E006E4-59C7-43C1-9231-62A72219F2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.7","matchCriteriaId":"69245D10-0B71-485E-80C3-A64F077004D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*","matchCriteriaId":"F253B622-8837-4245-BCE5-A7BF8FC76A16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*","matchCriteriaId":"4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0b5a7826020706057cc5a9d9009e667027f221ee","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2ffb4f5c2ccb2fa1c049dd11899aee7967deef5a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3310fc11fc47387d1dd4759b0bc961643ea11c7f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4a48fe59f29f673a3d042d679f26629a9c3e29d4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/581800298313c9fd75e94985e6d37d21b7e35d34","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a73fe9f4ae84a239d5b2686f47a58c158aee2eb4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ae88c8256547b63980770a9ea7be73a15900d27e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d542e2ac7f9e288d49735be0775611547ca4e0ee","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-23305","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-03-25T11:16:26.347","lastModified":"2026-05-28T14:33:24.890","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\naccel/rocket: fix unwinding in error path in rocket_probe\n\nWhen rocket_core_init() fails (as could be the case with EPROBE_DEFER),\nwe need to properly unwind by decrementing the counter we just\nincremented and if this is the first core we failed to probe, remove the\nrocket DRM device with rocket_device_fini() as well. This matches the\nlogic in rocket_remove(). Failing to properly unwind results in\nout-of-bounds accesses."},{"lang":"es","value":"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\naccel/rocket: corregir el desenrollado en la ruta de error en rocket_probe\n\nCuando rocket_core_init() falla (como podría ser el caso con EPROBE_DEFER), necesitamos desenrollar correctamente decrementando el contador que acabamos de incrementar y, si este es el primer núcleo que no pudimos sondear, eliminar también el dispositivo DRM de rocket con rocket_device_fini(). Esto coincide con la lógica en rocket_remove(). No desenrollar correctamente resulta en accesos fuera de límites."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.18","versionEndExcluding":"6.18.17","matchCriteriaId":"91D34097-62D4-400A-8894-1A45A5B44EEA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.7","matchCriteriaId":"69245D10-0B71-485E-80C3-A64F077004D3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/34f4495a7f72895776b81969639f527c99eb12b9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7fc4b49474c836cee7d9801abf05e0198fcbfa74","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/eeaf28c8f4defe371a008a5ddefaf18abf534f81","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-23306","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-03-25T11:16:26.487","lastModified":"2026-05-28T14:31:45.513","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: pm8001: Fix use-after-free in pm8001_queue_command()\n\nCommit e29c47fe8946 (\"scsi: pm8001: Simplify pm8001_task_exec()\") refactors\npm8001_queue_command(), however it introduces a potential cause of a double\nfree scenario when it changes the function to return -ENODEV in case of phy\ndown/device gone state.\n\nIn this path, pm8001_queue_command() updates task status and calls\ntask_done to indicate to upper layer that the task has been handled.\nHowever, this also frees the underlying SAS task. A -ENODEV is then\nreturned to the caller. When libsas sas_ata_qc_issue() receives this error\nvalue, it assumes the task wasn't handled/queued by LLDD and proceeds to\nclean up and free the task again, resulting in a double free.\n\nSince pm8001_queue_command() handles the SAS task in this case, it should\nreturn 0 to the caller indicating that the task has been handled."},{"lang":"es","value":"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nscsi: pm8001: Corrección de uso después de liberación en pm8001_queue_command()\n\nEl commit e29c47fe8946 ('scsi: pm8001: Simplificar pm8001_task_exec()') refactoriza pm8001_queue_command(), sin embargo, introduce una causa potencial de un escenario de doble liberación cuando cambia la función para que devuelva -ENODEV en caso de estado de phy inactivo/dispositivo desaparecido.\n\nEn esta ruta, pm8001_queue_command() actualiza el estado de la tarea y llama a task_done para indicar a la capa superior que la tarea ha sido gestionada. Sin embargo, esto también libera la tarea SAS subyacente. Entonces se devuelve un -ENODEV al llamador. Cuando libsas sas_ata_qc_issue() recibe este valor de error, asume que la tarea no fue gestionada/enviada a la cola por LLDD y procede a limpiar y liberar la tarea de nuevo, resultando en una doble liberación.\n\nDado que pm8001_queue_command() gestiona la tarea SAS en este caso, debería devolver 0 al llamador indicando que la tarea ha sido gestionada."}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.18","versionEndExcluding":"6.1.167","matchCriteriaId":"25D24035-467E-4E84-987E-DA8067ECEAC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.130","matchCriteriaId":"C57BB918-DF28-46B3-94F7-144176841267"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.77","matchCriteriaId":"B3D12E00-E42D-4056-B354-BAD4903C03A5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.17","matchCriteriaId":"A5E006E4-59C7-43C1-9231-62A72219F2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.7","matchCriteriaId":"69245D10-0B71-485E-80C3-A64F077004D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*","matchCriteriaId":"F253B622-8837-4245-BCE5-A7BF8FC76A16"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/227ff4af00abc40b95123cc27ee8079069dcd8d7","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/38353c26db28efd984f51d426eac2396d299cca7","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/824a7672e3540962d5c77d4c6666254d7aa6f0b3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8b00427317ba7b7ec91252b034009f638d0f311b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c5dc39f8ae055520fd778b7fb0423f11586f15c4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ebbb852ffbc952b95ddb7e3872b67b3e74c6da47","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-23307","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-03-25T11:16:26.657","lastModified":"2026-05-28T14:28:13.630","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ncan: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message\n\nWhen looking at the data in a USB urb, the actual_length is the size of\nthe buffer passed to the driver, not the transfer_buffer_length which is\nset by the driver as the max size of the buffer.\n\nWhen parsing the messages in ems_usb_read_bulk_callback() properly check\nthe size both at the beginning of parsing the message to make sure it is\nbig enough for the expected structure, and at the end of the message to\nmake sure we don't overflow past the end of the buffer for the next\nmessage."},{"lang":"es","value":"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\ncan: ems_usb: ems_usb_read_bulk_callback(): comprobar la longitud adecuada de un mensaje\n\nAl examinar los datos en un urb USB, la actual_length es el tamaño del búfer pasado al controlador, no la transfer_buffer_length que es establecida por el controlador como el tamaño máximo del búfer.\n\nAl analizar los mensajes en ems_usb_read_bulk_callback(), comprobar correctamente el tamaño tanto al principio del análisis del mensaje para asegurarse de que sea lo suficientemente grande para la estructura esperada, como al final del mensaje para asegurarse de que no desbordemos más allá del final del búfer para el siguiente mensaje."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.32","versionEndExcluding":"5.10.253","matchCriteriaId":"8DB41968-2F6C-4EDB-B464-1CF2AF52EF42"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.203","matchCriteriaId":"20DDB3E9-AABF-4107-ADB0-5362AA067045"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.167","matchCriteriaId":"2EDC6BAF-B710-4E26-B6AA-D68922EE7B43"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.130","matchCriteriaId":"C57BB918-DF28-46B3-94F7-144176841267"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.77","matchCriteriaId":"B3D12E00-E42D-4056-B354-BAD4903C03A5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.17","matchCriteriaId":"A5E006E4-59C7-43C1-9231-62A72219F2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.7","matchCriteriaId":"69245D10-0B71-485E-80C3-A64F077004D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*","matchCriteriaId":"F253B622-8837-4245-BCE5-A7BF8FC76A16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*","matchCriteriaId":"4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1818974e1b5ef200e27f144c8cb8a246420bb54d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/18f75b9cbdc3703f15965425ab69dee509b07785","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1cf469026d4a2308eaa91d04dca4a900d07a5c2e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2833e13e2b099546abf5d40a483b4eb04ddd1f7b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/38a01c9700b0dcafe97dfa9dc7531bf4a245deff","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/aed172a2e2330131f0977d2acd3ec8883f413ec1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c703bbf8e9b4947e111c88d2ed09236a6772a471","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f10177e6c4575aedaea580ce67d792fab7a2235e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-23308","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-03-25T11:16:26.823","lastModified":"2026-05-28T14:25:49.883","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: equilibrium: fix warning trace on load\n\nThe callback functions 'eqbr_irq_mask()' and 'eqbr_irq_ack()' are also\ncalled in the callback function 'eqbr_irq_mask_ack()'. This is done to\navoid source code duplication. The problem, is that in the function\n'eqbr_irq_mask()' also calles the gpiolib function 'gpiochip_disable_irq()'\n\nThis generates the following warning trace in the log for every gpio on\nload.\n\n[ 6.088111] ------------[ cut here ]------------\n[ 6.092440] WARNING: CPU: 3 PID: 1 at drivers/gpio/gpiolib.c:3810 gpiochip_disable_irq+0x39/0x50\n[ 6.097847] Modules linked in:\n[ 6.097847] CPU: 3 UID: 0 PID: 1 Comm: swapper/0 Tainted: G W 6.12.59+ #0\n[ 6.097847] Tainted: [W]=WARN\n[ 6.097847] RIP: 0010:gpiochip_disable_irq+0x39/0x50\n[ 6.097847] Code: 39 c6 48 19 c0 21 c6 48 c1 e6 05 48 03 b2 38 03 00 00 48 81 fe 00 f0 ff ff 77 11 48 8b 46 08 f6 c4 02 74 06 f0 80 66 09 fb c3 <0f> 0b 90 0f 1f 40 00 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40\n[ 6.097847] RSP: 0000:ffffc9000000b830 EFLAGS: 00010046\n[ 6.097847] RAX: 0000000000000045 RBX: ffff888001be02a0 RCX: 0000000000000008\n[ 6.097847] RDX: ffff888001be9000 RSI: ffff888001b2dd00 RDI: ffff888001be02a0\n[ 6.097847] RBP: ffffc9000000b860 R08: 0000000000000000 R09: 0000000000000000\n[ 6.097847] R10: 0000000000000001 R11: ffff888001b2a154 R12: ffff888001be0514\n[ 6.097847] R13: ffff888001be02a0 R14: 0000000000000008 R15: 0000000000000000\n[ 6.097847] FS: 0000000000000000(0000) GS:ffff888041d80000(0000) knlGS:0000000000000000\n[ 6.097847] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 6.097847] CR2: 0000000000000000 CR3: 0000000003030000 CR4: 00000000001026b0\n[ 6.097847] Call Trace:\n[ 6.097847] \n[ 6.097847] ? eqbr_irq_mask+0x63/0x70\n[ 6.097847] ? no_action+0x10/0x10\n[ 6.097847] eqbr_irq_mask_ack+0x11/0x60\n\nIn an other driver (drivers/pinctrl/starfive/pinctrl-starfive-jh7100.c) the\ninterrupt is not disabled here.\n\nTo fix this, do not call the 'eqbr_irq_mask()' and 'eqbr_irq_ack()'\nfunction. Implement instead this directly without disabling the interrupts."},{"lang":"es","value":"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\npinctrl: equilibrium: corregir el rastro de advertencia al cargar\n\nLas funciones de callback 'eqbr_irq_mask()' y 'eqbr_irq_ack()' también se llaman en la función de callback 'eqbr_irq_mask_ack()'. Esto se hace para evitar la duplicación de código fuente. El problema, es que en la función 'eqbr_irq_mask()' también llama a la función gpiolib 'gpiochip_disable_irq()'.\n\nEsto genera el siguiente rastro de advertencia en el log para cada gpio al cargar.\n\n[ 6.088111] ------------[ cut here ]------------\n[ 6.092440] WARNING: CPU: 3 PID: 1 at drivers/gpio/gpiolib.c:3810 gpiochip_disable_irq+0x39/0x50\n[ 6.097847] Modules linked in:\n[ 6.097847] CPU: 3 UID: 0 PID: 1 Comm: swapper/0 Tainted: G W 6.12.59+ #0\n[ 6.097847] Tainted: [W]=WARN\n[ 6.097847] RIP: 0010:gpiochip_disable_irq+0x39/0x50\n[ 6.097847] Code: 39 c6 48 19 c0 21 c6 48 c1 e6 05 48 03 b2 38 03 00 00 48 81 fe 00 f0 ff ff 77 11 48 8b 46 08 f6 c4 02 74 06 f0 80 66 09 fb c3 <0f> 0b 90 0f 1f 40 00 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40\n[ 6.097847] RSP: 0000:ffffc9000000b830 EFLAGS: 00010046\n[ 6.097847] RAX: 0000000000000045 RBX: ffff888001be02a0 RCX: 0000000000000008\n[ 6.097847] RDX: ffff888001be9000 RSI: ffff888001b2dd00 RDI: ffff888001be02a0\n[ 6.097847] RBP: ffffc9000000b860 R08: 0000000000000000 R09: 0000000000000000\n[ 6.097847] R10: 0000000000000001 R11: ffff888001b2a154 R12: ffff888001be0514\n[ 6.097847] R13: ffff888001be02a0 R14: 0000000000000008 R15: 0000000000000000\n[ 6.097847] FS: 0000000000000000(0000) GS:ffff888041d80000(0000) knlGS:0000000000000000\n[ 6.097847] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 6.097847] CR2: 0000000000000000 CR3: 0000000003030000 CR4: 00000000001026b0\n[ 6.097847] Call Trace:\n[ 6.097847] \n[ 6.097847] ? eqbr_irq_mask+0x63/0x70\n[ 6.097847] ? no_action+0x10/0x10\n[ 6.097847] eqbr_irq_mask_ack+0x11/0x60\n\nEn otro controlador (drivers/pinctrl/starfive/pinctrl-starfive-jh7100.c) la interrupción no se deshabilita aquí.\n\nPara solucionar esto, no llame a la función 'eqbr_irq_mask()' y 'eqbr_irq_ack()'. En su lugar, implemente esto directamente sin deshabilitar las interrupciones."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4","versionEndExcluding":"6.6.130","matchCriteriaId":"B5DC2349-A344-41CA-9A54-55596F8AD981"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.77","matchCriteriaId":"B3D12E00-E42D-4056-B354-BAD4903C03A5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.17","matchCriteriaId":"A5E006E4-59C7-43C1-9231-62A72219F2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.7","matchCriteriaId":"69245D10-0B71-485E-80C3-A64F077004D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*","matchCriteriaId":"F253B622-8837-4245-BCE5-A7BF8FC76A16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*","matchCriteriaId":"4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/3e00b1b332e54ba50cca6691f628b9c06574024f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/53eba152810ef0fff8567b13ea0f62d48e62df6b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/896449ad9053a42c6c710aeae6175170176cabd0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/af3b0ec98dc1133521b612f8009fdd36b612aabe","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ec54546e8d8a50a9824c139a127a8459d1b0b1bb","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-23309","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-03-25T11:16:26.993","lastModified":"2026-05-28T14:24:05.053","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Add NULL pointer check to trigger_data_free()\n\nIf trigger_data_alloc() fails and returns NULL, event_hist_trigger_parse()\njumps to the out_free error path. While kfree() safely handles a NULL\npointer, trigger_data_free() does not. This causes a NULL pointer\ndereference in trigger_data_free() when evaluating\ndata->cmd_ops->set_filter.\n\nFix the problem by adding a NULL pointer check to trigger_data_free().\n\nThe problem was found by an experimental code review agent based on\ngemini-3.1-pro while reviewing backports into v6.18.y."},{"lang":"es","value":"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\ntracing: Añadir comprobación de puntero NULL a trigger_data_free()\n\nSi trigger_data_alloc() falla y devuelve NULL, event_hist_trigger_parse() salta a la ruta de error out_free. Aunque kfree() maneja de forma segura un puntero NULL, trigger_data_free() no lo hace. Esto causa una desreferencia de puntero NULL en trigger_data_free() al evaluar data->cmd_ops->set_filter.\n\nCorregir el problema añadiendo una comprobación de puntero NULL a trigger_data_free().\n\nEl problema fue encontrado por un agente experimental de revisión de código basado en gemini-3.1-pro mientras revisaba backports en v6.18.y."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.165","versionEndExcluding":"6.1.167","matchCriteriaId":"D54E2FD5-7EF9-426A-9AE1-8E8DA970BCC8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6.128","versionEndExcluding":"6.6.130","matchCriteriaId":"2099D3D0-97C6-44C5-913D-E616B07A9237"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.12.75","versionEndExcluding":"6.12.77","matchCriteriaId":"84A22880-A425-402F-879A-9309659E3D36"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.18.14","versionEndExcluding":"6.18.17","matchCriteriaId":"4AEF99ED-2A46-4ECD-A9A4-D4D616C3DEE3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19.4","versionEndExcluding":"6.19.7","matchCriteriaId":"EABFC675-2A5E-4569-92F7-1E8942DA0683"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*","matchCriteriaId":"F253B622-8837-4245-BCE5-A7BF8FC76A16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*","matchCriteriaId":"4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/13dcd9269e225e4c4ceabdaeebe2ce4661b54c6e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2ce8ece5a78da67834db7728edc801889a64f643","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/42b380f97d65e76e7b310facd525f730272daf57","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/457965c13f0837a289c9164b842d0860133f6274","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/477469223b2b840f436ce204333de87cb17e5d93","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/59c15b9cc453b74beb9f04c6c398717e73612dc3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-23310","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-03-25T11:16:27.160","lastModified":"2026-05-28T14:20:22.840","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded\n\nbond_option_mode_set() already rejects mode changes that would make a\nloaded XDP program incompatible via bond_xdp_check(). However,\nbond_option_xmit_hash_policy_set() has no such guard.\n\nFor 802.3ad and balance-xor modes, bond_xdp_check() returns false when\nxmit_hash_policy is vlan+srcmac, because the 802.1q payload is usually\nabsent due to hardware offload. This means a user can:\n\n1. Attach a native XDP program to a bond in 802.3ad/balance-xor mode\n with a compatible xmit_hash_policy (e.g. layer2+3).\n2. Change xmit_hash_policy to vlan+srcmac while XDP remains loaded.\n\nThis leaves bond->xdp_prog set but bond_xdp_check() now returning false\nfor the same device. When the bond is later destroyed, dev_xdp_uninstall()\ncalls bond_xdp_set(dev, NULL, NULL) to remove the program, which hits\nthe bond_xdp_check() guard and returns -EOPNOTSUPP, triggering:\n\nWARN_ON(dev_xdp_install(dev, mode, bpf_op, NULL, 0, NULL))\n\nFix this by rejecting xmit_hash_policy changes to vlan+srcmac when an\nXDP program is loaded on a bond in 802.3ad or balance-xor mode.\n\ncommit 39a0876d595b (\"net, bonding: Disallow vlan+srcmac with XDP\")\nintroduced bond_xdp_check() which returns false for 802.3ad/balance-xor\nmodes when xmit_hash_policy is vlan+srcmac. The check was wired into\nbond_xdp_set() to reject XDP attachment with an incompatible policy, but\nthe symmetric path -- preventing xmit_hash_policy from being changed to an\nincompatible value after XDP is already loaded -- was left unguarded in\nbond_option_xmit_hash_policy_set().\n\nNote:\ncommit 094ee6017ea0 (\"bonding: check xdp prog when set bond mode\")\nlater added a similar guard to bond_option_mode_set(), but\nbond_option_xmit_hash_policy_set() remained unprotected."},{"lang":"es","value":"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nbpf/bonding: rechazar el cambio de política de hash de transmisión (xmit_hash_policy) a vlan+srcmac cuando XDP está cargado\n\nbond_option_mode_set() ya rechaza los cambios de modo que harían incompatible un programa XDP cargado a través de bond_xdp_check(). Sin embargo, bond_option_xmit_hash_policy_set() no tiene tal protección.\n\nPara los modos 802.3ad y balance-xor, bond_xdp_check() devuelve falso cuando la política de hash de transmisión (xmit_hash_policy) es vlan+srcmac, porque la carga útil 802.1q suele estar ausente debido a la descarga de hardware. Esto significa que un usuario puede:\n\n1. Adjuntar un programa XDP nativo a un bond en modo 802.3ad/balance-xor con una política de hash de transmisión (xmit_hash_policy) compatible (por ejemplo, capa2+3).\n2. Cambiar la política de hash de transmisión (xmit_hash_policy) a vlan+srcmac mientras XDP permanece cargado.\n\nEsto deja bond->xdp_prog establecido, pero bond_xdp_check() ahora devuelve falso para el mismo dispositivo. Cuando el bond es destruido posteriormente, dev_xdp_uninstall() llama a bond_xdp_set(dev, NULL, NULL) para eliminar el programa, lo que activa la protección de bond_xdp_check() y devuelve -EOPNOTSUPP, desencadenando:\n\nWARN_ON(dev_xdp_install(dev, mode, bpf_op, NULL, 0, NULL))\n\nSolucione esto rechazando los cambios de política de hash de transmisión (xmit_hash_policy) a vlan+srcmac cuando un programa XDP está cargado en un bond en modo 802.3ad o balance-xor.\n\nEl commit 39a0876d595b ('net, bonding: No permitir vlan+srcmac con XDP') introdujo bond_xdp_check() que devuelve falso para los modos 802.3ad/balance-xor cuando la política de hash de transmisión (xmit_hash_policy) es vlan+srcmac. La verificación se integró en bond_xdp_set() para rechazar la asociación de XDP con una política incompatible, pero la ruta simétrica -- impidiendo que la política de hash de transmisión (xmit_hash_policy) se cambie a un valor incompatible después de que XDP ya esté cargado -- se dejó sin protección en bond_option_xmit_hash_policy_set().\n\nNota:\nEl commit 094ee6017ea0 ('bonding: verificar programa xdp al establecer modo de bond') añadió posteriormente una protección similar a bond_option_mode_set(), pero bond_option_xmit_hash_policy_set() permaneció sin protección."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"6.6.130","matchCriteriaId":"E265D934-61CB-43A3-82C6-6D0F5B6DD9D1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.77","matchCriteriaId":"B3D12E00-E42D-4056-B354-BAD4903C03A5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.17","matchCriteriaId":"A5E006E4-59C7-43C1-9231-62A72219F2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.7","matchCriteriaId":"69245D10-0B71-485E-80C3-A64F077004D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*","matchCriteriaId":"F253B622-8837-4245-BCE5-A7BF8FC76A16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*","matchCriteriaId":"4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0ace8027e41f6f094ef6c1aca42d2ed6cd7af54e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/479d589b40b836442bbdadc3fdb37f001bb67f26","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5c262bd0e39320a6d6c8277cb8349ce21c01b8c1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d36ad7e126c6a0c5f699583309ccc37e3a3263ea","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e85fa809e507b9d8eff4840888b8c727e4e8448c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-5119","sourceIdentifier":"secalert@redhat.com","published":"2026-03-30T07:15:58.350","lastModified":"2026-05-28T12:16:17.833","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext within the initial HTTP CONNECT request. A network-positioned attacker or a malicious HTTP proxy can intercept these cookies, leading to potential session hijacking or user impersonation."},{"lang":"es","value":"Se encontró una vulnerabilidad en libsoup. Al establecer túneles HTTPS a través de un proxy HTTP configurado, las cookies de sesión sensibles se transmiten en texto claro dentro de la solicitud HTTP CONNECT inicial. Un atacante posicionado en la red o un proxy HTTP malicioso puede interceptar estas cookies, lo que podría conducir al secuestro potencial de la sesión o a la suplantación de identidad del usuario."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.2}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-319"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:libsoup:-:*:*:*:*:*:*:*","matchCriteriaId":"C5BAC4F4-3ACD-4F4D-920C-F920FD2C5472"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:13978","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:14087","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:15968","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:17482","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:19143","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:19356","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:21686","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-5119","source":"secalert@redhat.com","tags":["Mitigation","Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2452932","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://gitlab.gnome.org/GNOME/libsoup/-/issues/502","source":"secalert@redhat.com","tags":["Exploit","Issue Tracking"]}]}},{"cve":{"id":"CVE-2026-5272","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-04-01T05:16:00.287","lastModified":"2026-05-28T14:33:59.507","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Heap buffer overflow in GPU in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)"}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Primary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"146.0.7680.177","matchCriteriaId":"55B0324F-7911-403B-8235-D71996B55DFB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","source":"chrome-cve-admin@google.com","tags":["Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/491732188","source":"chrome-cve-admin@google.com","tags":["Issue Tracking","Permissions Required"]}]}},{"cve":{"id":"CVE-2026-32201","sourceIdentifier":"secure@microsoft.com","published":"2026-04-14T18:17:27.160","lastModified":"2026-05-28T14:27:53.370","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}]},"cisaExploitAdd":"2026-04-14","cisaActionDue":"2026-04-28","cisaRequiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","cisaVulnerabilityName":"Microsoft SharePoint Server Improper Input Validation Vulnerability","weaknesses":[{"source":"secure@microsoft.com","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*","versionEndExcluding":"16.0.19725.20210","matchCriteriaId":"5CA92EAC-72F0-43F4-A8E0-FA40C57AEF01"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*","matchCriteriaId":"F815EF1D-7B60-47BE-9AC2-2548F99F10E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*","matchCriteriaId":"6122D014-5BF1-4AF4-8B4D-80205ED7785E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32201","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-32201","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-7101","sourceIdentifier":"cna@vuldb.com","published":"2026-04-27T09:16:02.747","lastModified":"2026-05-28T13:57:48.290","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been found in Tenda F456 1.0.0.5. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. The manipulation leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used."}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Primary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-120"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:f456_firmware:1.0.0.5:*:*:*:*:*:*:*","matchCriteriaId":"1447AF3C-1A81-4784-A3AB-7F6075607BC7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:f456:-:*:*:*:*:*:*:*","matchCriteriaId":"ED31EF75-B92E-4362-9B56-AF1DFE4B9D1C"}]}]}],"references":[{"url":"https://github.com/Litengzheng/vuldb_new/blob/main/F456/vul_139/README.md","source":"cna@vuldb.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://vuldb.com/submit/798474","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/vuln/359676","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/vuln/359676/cti","source":"cna@vuldb.com","tags":["Permissions Required","VDB Entry"]},{"url":"https://www.tenda.com.cn/","source":"cna@vuldb.com","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-5781","sourceIdentifier":"cve-coordination@incibe.es","published":"2026-04-28T13:19:22.717","lastModified":"2026-05-28T13:57:24.813","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An authorization vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/moUser/update' endpoint, could allow an authenticated user with user modification privileges to escalate their privileges by sending an HTTP request with a manipulated 'identifier' field. Successful exploitation of this vulnerability could allow an authenticated user to obtain administrator privileges. It is not possible to escalate privileges through the graphical user interface."}],"metrics":{"cvssMetricV40":[{"source":"cve-coordination@incibe.es","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"cve-coordination@incibe.es","type":"Primary","description":[{"lang":"en","value":"CWE-285"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:agilonhealth:minerva:3.6.0:*:*:*:*:*:*:*","matchCriteriaId":"14070C6A-CA8D-4B09-B988-D05A648B76F1"}]}]}],"references":[{"url":"https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-mphrxs-minerva","source":"cve-coordination@incibe.es","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-8398","sourceIdentifier":"vulnerability@kaspersky.com","published":"2026-05-15T09:16:17.653","lastModified":"2026-05-28T12:57:00.563","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A supply chain attack compromised the official installation packages of DAEMON Tools Lite (Windows versions 12.5.0.2421 through 12.5.0.2434), distributed from the legitimate website daemon-tools.cc between approximately April 8, 2026, and May 5, 2026. Attackers gained unauthorized access to the vendor's (AVB Disc Soft) build or distribution infrastructure and trojanized three binaries: DTHelper.exe, DiscSoftBusServiceLite.exe, and DTShellHlp.exe. These files were digitally signed with the legitimate AVB Disc Soft code-signing certificate, allowing the malicious installers to appear trustworthy and bypass signature-based detection."}],"metrics":{"cvssMetricV40":[{"source":"vulnerability@kaspersky.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"vulnerability@kaspersky.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"cisaExploitAdd":"2026-05-27","cisaActionDue":"2026-05-30","cisaRequiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","cisaVulnerabilityName":"Daemon Tools Lite Embedded Malicious Code Vulnerability","weaknesses":[{"source":"vulnerability@kaspersky.com","type":"Secondary","description":[{"lang":"en","value":"CWE-506"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:disc-soft:daemon_tools:12.5.1:*:*:*:lite:*:*:*","matchCriteriaId":"F291E275-397E-40E4-8ABD-292B16A8C90E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://blog.daemon-tools.cc/post/security-incident","source":"vulnerability@kaspersky.com","tags":["Vendor Advisory"]},{"url":"https://securelist.com/tr/daemon-tools-backdoor/119654/","source":"vulnerability@kaspersky.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-8398","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}},{"cve":{"id":"CVE-2026-39832","sourceIdentifier":"security@golang.org","published":"2026-05-22T04:16:22.663","lastModified":"2026-05-28T15:11:29.110","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When adding a key to a remote agent constraint extensions such as restrict-destination-v00@openssh.com were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all constraint extensions. Additionally, the in-memory keyring returned by NewKeyring() now rejects keys with unsupported constraint extensions instead of silently ignoring them."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:golang:crypto:*:*:*:*:*:go:*:*","versionEndExcluding":"0.52.0","matchCriteriaId":"D540395B-31B8-4B07-8F79-F5C631BBD5C8"}]}]}],"references":[{"url":"https://go.dev/cl/778642","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://go.dev/issue/79435","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://groups.google.com/g/golang-announce/c/a082jnz-LvI","source":"security@golang.org","tags":["Mailing List"]},{"url":"https://pkg.go.dev/vuln/GO-2026-5006","source":"security@golang.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-39833","sourceIdentifier":"security@golang.org","published":"2026-05-22T04:16:22.773","lastModified":"2026-05-28T15:04:39.110","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The in-memory keyring returned by NewKeyring() silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmation prompt, with no indication to the caller that the constraint was not in effect. NewKeyring() now returns an error when unsupported constraints are requested."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:golang:crypto:*:*:*:*:*:go:*:*","versionEndExcluding":"0.52.0","matchCriteriaId":"D540395B-31B8-4B07-8F79-F5C631BBD5C8"}]}]}],"references":[{"url":"https://go.dev/cl/778640","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://go.dev/cl/778641","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://go.dev/issue/79436","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://groups.google.com/g/golang-announce/c/a082jnz-LvI","source":"security@golang.org","tags":["Mailing List"]},{"url":"https://pkg.go.dev/vuln/GO-2026-5005","source":"security@golang.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-39834","sourceIdentifier":"security@golang.org","published":"2026-05-22T04:16:24.237","lastModified":"2026-05-28T15:03:47.970","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:golang:crypto:*:*:*:*:*:go:*:*","versionEndExcluding":"0.52.0","matchCriteriaId":"D540395B-31B8-4B07-8F79-F5C631BBD5C8"}]}]}],"references":[{"url":"https://go.dev/cl/781663","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://go.dev/issue/79567","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://groups.google.com/g/golang-announce/c/a082jnz-LvI","source":"security@golang.org","tags":["Mailing List"]},{"url":"https://pkg.go.dev/vuln/GO-2026-5020","source":"security@golang.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-39835","sourceIdentifier":"security@golang.org","published":"2026-05-22T04:16:24.530","lastModified":"2026-05-28T14:56:13.500","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:golang:crypto:*:*:*:*:*:go:*:*","versionEndExcluding":"0.52.0","matchCriteriaId":"D540395B-31B8-4B07-8F79-F5C631BBD5C8"}]}]}],"references":[{"url":"https://go.dev/cl/781660","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://go.dev/issue/79563","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://groups.google.com/g/golang-announce/c/a082jnz-LvI","source":"security@golang.org","tags":["Mailing List"]},{"url":"https://pkg.go.dev/vuln/GO-2026-5015","source":"security@golang.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42508","sourceIdentifier":"security@golang.org","published":"2026-05-22T04:16:25.440","lastModified":"2026-05-28T14:47:37.590","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked for revocation. Now, both the 'key' and 'key.SignatureKey' are checked for @revoked."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:golang:crypto:*:*:*:*:*:go:*:*","versionEndExcluding":"0.52.0","matchCriteriaId":"D540395B-31B8-4B07-8F79-F5C631BBD5C8"}]}]}],"references":[{"url":"https://go.dev/cl/781220","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://go.dev/issue/79568","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://groups.google.com/g/golang-announce/c/a082jnz-LvI","source":"security@golang.org","tags":["Mailing List"]},{"url":"https://pkg.go.dev/vuln/GO-2026-5021","source":"security@golang.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46595","sourceIdentifier":"security@golang.org","published":"2026-05-22T04:16:25.550","lastModified":"2026-05-28T14:44:43.563","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":6.0}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:golang:crypto:*:*:*:*:*:go:*:*","versionEndExcluding":"0.52.0","matchCriteriaId":"D540395B-31B8-4B07-8F79-F5C631BBD5C8"}]}]}],"references":[{"url":"https://go.dev/cl/781642","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://go.dev/issue/79570","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://groups.google.com/g/golang-announce/c/a082jnz-LvI","source":"security@golang.org","tags":["Mailing List"]},{"url":"https://pkg.go.dev/vuln/GO-2026-5023","source":"security@golang.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46597","sourceIdentifier":"security@golang.org","published":"2026-05-22T04:16:26.003","lastModified":"2026-05-28T14:44:17.637","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-704"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:golang:crypto:*:*:*:*:*:go:*:*","versionEndExcluding":"0.52.0","matchCriteriaId":"D540395B-31B8-4B07-8F79-F5C631BBD5C8"}]}]}],"references":[{"url":"https://go.dev/cl/781620","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://go.dev/issue/79561","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://groups.google.com/g/golang-announce/c/a082jnz-LvI","source":"security@golang.org","tags":["Mailing List"]},{"url":"https://pkg.go.dev/vuln/GO-2026-5013","source":"security@golang.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46598","sourceIdentifier":"security@golang.org","published":"2026-05-22T04:16:26.537","lastModified":"2026-05-28T14:34:45.517","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-129"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:golang:crypto:*:*:*:*:*:go:*:*","versionEndExcluding":"0.52.0","matchCriteriaId":"D540395B-31B8-4B07-8F79-F5C631BBD5C8"}]}]}],"references":[{"url":"https://go.dev/cl/781360","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://go.dev/issue/79596","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://groups.google.com/g/golang-announce/c/a082jnz-LvI","source":"security@golang.org","tags":["Mailing List"]},{"url":"https://pkg.go.dev/vuln/GO-2026-5033","source":"security@golang.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45249","sourceIdentifier":"security@apache.org","published":"2026-05-25T08:16:24.047","lastModified":"2026-05-28T13:48:07.777","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A cross-site scripting (XSS) vulnerability exists in Apache ECharts in the Lines series tooltip rendering logic.\n\n\n\n\nThis issue affects Apache ECharts: from before 6.1.0.\n\nIn versions prior to 6.1.0, if both Lines series and tooltip are used, and no user-specified tooltip.formatter is provided, and series.data[i].name is specified, raw HTML string series.data[i].name can be rendered through innerHTML sink into tooltip content. Although tooltip is allowed to accept user-provided raw HTML via a custom tooltip.formatter, the built-in tooltip formatters conventionally perform HTML escaping automatically. This case breaks that convention and may unexpectedly lead to script execution when tooltips are displayed.\n\n\nUsers are recommended to upgrade to version 6.1.0 if using the Lines series in this way, which fixes the issue."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:echarts:*:*:*:*:*:*:*:*","versionEndExcluding":"6.1.0","matchCriteriaId":"C5BE8944-7186-4565-A5C3-58796C9C9BC7"}]}]}],"references":[{"url":"https://echarts.apache.org/en/option.html#series-lines","source":"security@apache.org","tags":["Product"]},{"url":"https://echarts.apache.org/handbook/en/best-practices/security/#passing_raw_html_safely","source":"security@apache.org","tags":["Product"]},{"url":"https://github.com/apache/echarts/pull/21608","source":"security@apache.org","tags":["Issue Tracking","Patch"]},{"url":"https://lists.apache.org/thread/1g6xk7gd9vg1c6zyqqt2lnko10zomc3o","source":"security@apache.org","tags":["Mailing List","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/05/23/4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-43827","sourceIdentifier":"security@apache.org","published":"2026-05-25T21:16:34.700","lastModified":"2026-05-28T13:47:12.817","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Default configurations of Apache Shiro have a session fixation vulnerability.\n\nThis issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1.\n\nUsers are recommended to upgrade to version 2.1.1, or 3.0.0-alpha-2 or later, which fixes the issue.\n\nIn the affected versions, when a session already exists, it is not invalidated upon successful login, nor is a new session being generated with a new ID."}],"metrics":{"cvssMetricV40":[{"source":"security@apache.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:L/U:Amber","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-384"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:shiro:*:*:*:*:*:*:*:*","versionEndExcluding":"2.1.1","matchCriteriaId":"732C70AE-03A5-43A3-AC55-D81BEF469C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:shiro:3.0.0:alpha1:*:*:*:*:*:*","matchCriteriaId":"C79C762D-108B-4C23-BEAF-0115D43D83BD"}]}]}],"references":[{"url":"https://shiro.apache.org/security-reports.html#cve_2026_43827","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/05/25/6","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-43828","sourceIdentifier":"security@apache.org","published":"2026-05-25T21:16:34.840","lastModified":"2026-05-28T13:45:52.840","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Default configurations of Apache Shiro send sensitive cookies in HTTPS session without 'Secure' attribute.\n\n\n\nThis issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1.\n\nUsers are recommended to upgrade to version 2.1.1, or 3.0.0-alpha-2 or later, which fixes the issue.\n\nIn the affected versions, Shiro-native session manager, as well as Remember-Me manager sends JSESSIONID and rememberMe cookies without 'secure' attribute by default."}],"metrics":{"cvssMetricV40":[{"source":"security@apache.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:L/U:Amber","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-614"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:shiro:*:*:*:*:*:*:*:*","versionEndExcluding":"2.1.1","matchCriteriaId":"732C70AE-03A5-43A3-AC55-D81BEF469C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:shiro:3.0.0:alpha1:*:*:*:*:*:*","matchCriteriaId":"C79C762D-108B-4C23-BEAF-0115D43D83BD"}]}]}],"references":[{"url":"https://shiro.apache.org/security-reports.html#cve_2026_43828","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/05/25/7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-44598","sourceIdentifier":"security@apache.org","published":"2026-05-25T21:16:34.970","lastModified":"2026-05-28T13:44:45.473","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"With valid login credentials, URL Redirection to Untrusted Site ('Open Redirect'), Server-Side Request Forgery (SSRF) vulnerability in Apache Shiro.\n\n\n\n\nThis issue affects Apache Shiro from 2.0-alpha to 2.1.0, and 3.0.0-alpha-1, only when using shiro-jakarta-ee integration module.\n\nUsers are recommended to upgrade to version 2.1.1, or 3.0.0-alpha-2 or later, which fixes the issue by encrypting the cookie.\n\nAfter successful login, Jakarta EE integration module uses shiroSavedRequest cookie to redirect to a particular web page after login.\nThis cookie was not validated, and can be forged to send a HTTP GET request from the server itself to an arbitrary URL from the cookie."}],"metrics":{"cvssMetricV40":[{"source":"security@apache.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:A/V:D/RE:L/U:Green","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NEGLIGIBLE","Automatable":"YES","Recovery":"AUTOMATIC","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"LOW","providerUrgency":"GREEN"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-601"},{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:shiro:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndExcluding":"2.1.1","matchCriteriaId":"532EF640-8FA3-437C-9F02-6A17A5843675"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:shiro:3.0.0:alpha1:*:*:*:*:*:*","matchCriteriaId":"C79C762D-108B-4C23-BEAF-0115D43D83BD"}]}]}],"references":[{"url":"https://shiro.apache.org/security-reports.html#cve_2026_44598","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/05/25/8","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-48589","sourceIdentifier":"security@apache.org","published":"2026-05-25T21:16:35.117","lastModified":"2026-05-28T13:38:44.880","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Apache Shiro’s Jakarta EE module used the HTTP Referer header in certain cases to issue redirect after a user login.\nIn affected versions, insufficient validation of this client-controlled value could allow an attacker to influence the redirect target in applications using the Jakarta EE module.\nThis issue affects Apache Shiro from 2.0-alpha to 2.2.0, and 3.0.0-alpha-1, only when using shiro-jakarta-ee integration module."}],"metrics":{"cvssMetricV40":[{"source":"security@apache.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:A/V:D/RE:X/U:Green","baseScore":0.0,"baseSeverity":"NONE","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NEGLIGIBLE","Automatable":"YES","Recovery":"AUTOMATIC","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"GREEN"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:shiro:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndExcluding":"2.2.1","matchCriteriaId":"4EFE9570-0EAC-4F87-8451-0F2C48984A06"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:shiro:3.0.0:alpha1:*:*:*:*:*:*","matchCriteriaId":"C79C762D-108B-4C23-BEAF-0115D43D83BD"}]}]}],"references":[{"url":"https://shiro.apache.org/security-reports.html#cve_2026_48589","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/05/25/9","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-42496","sourceIdentifier":"9b29abf9-4ab0-4765-b253-1875cd9b441e","published":"2026-05-26T02:16:40.130","lastModified":"2026-05-28T14:16:20.023","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory.\n\n_make_special_file() passes the tar header's linkname to symlink() without validating it against absolute paths or .. segments. The secure-extract mode check that guards regular file extraction does not cover the symlink target.\n\nA subsequent open through the extracted name reads or writes the attacker chosen path."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}]},"weaknesses":[{"source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","type":"Secondary","description":[{"lang":"en","value":"CWE-59"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:archive\\:\\:tar_project:archive\\:\\:tar:*:*:*:*:*:perl:*:*","versionEndExcluding":"3.08","matchCriteriaId":"CE0EEC28-8DB1-42B8-9D87-5E9AA5D1C168"}]}]}],"references":[{"url":"https://github.com/jib/archive-tar-new/commit/17c873492a05eddc0de18c1485e0b2cccd5a9158.patch","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","tags":["Patch"]},{"url":"https://metacpan.org/release/BINGOS/Archive-Tar-3.08/changes","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","tags":["Release Notes"]},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-42497","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-42497","sourceIdentifier":"9b29abf9-4ab0-4765-b253-1875cd9b441e","published":"2026-05-26T02:16:40.250","lastModified":"2026-05-28T14:16:20.180","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory.\n\n_make_special_file() passes the tar header's linkname to link() without validating it against absolute paths or .. segments, creating a hardlink that shares the victim file's inode.\n\nA subsequent write through the extracted name modifies the victim file, and the post-extraction chmod, chown, and utime block in _extract_file() (guarded only against symlinks via -l) applies the tar header's mode, owner, and timestamps to the shared inode during extraction alone."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","type":"Secondary","description":[{"lang":"en","value":"CWE-59"},{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:archive\\:\\:tar_project:archive\\:\\:tar:*:*:*:*:*:perl:*:*","versionEndExcluding":"3.08","matchCriteriaId":"CE0EEC28-8DB1-42B8-9D87-5E9AA5D1C168"}]}]}],"references":[{"url":"https://github.com/jib/archive-tar-new/commit/17c873492a05eddc0de18c1485e0b2cccd5a9158.patch","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","tags":["Patch"]},{"url":"https://metacpan.org/release/BINGOS/Archive-Tar-3.08/changes","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","tags":["Release Notes"]},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-42496","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-9538","sourceIdentifier":"9b29abf9-4ab0-4765-b253-1875cd9b441e","published":"2026-05-26T02:16:41.150","lastModified":"2026-05-28T14:16:26.020","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header.\n\n_read_tar() reads each entry's payload with $handle->read($$data, $block), where $block is derived from the entry's 12-byte size field in the tar header with no upper bound on that value.\n\nA crafted header declaring a multi-gigabyte size causes Perl to allocate a scalar of that size."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","type":"Secondary","description":[{"lang":"en","value":"CWE-789"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:archive\\:\\:tar_project:archive\\:\\:tar:*:*:*:*:*:perl:*:*","versionEndExcluding":"3.10","matchCriteriaId":"0D0D2922-4664-4650-8D9E-C8D5641A7106"}]}]}],"references":[{"url":"https://github.com/jib/archive-tar-new/commit/f9af01426038e29d9578825a0cd3626946ab08c7.patch","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","tags":["Patch"]},{"url":"https://metacpan.org/release/BINGOS/Archive-Tar-3.10/changes","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","tags":["Release Notes"]},{"url":"http://www.openwall.com/lists/oss-security/2026/05/26/4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-48901","sourceIdentifier":"security@joomla.org","published":"2026-05-26T17:16:54.880","lastModified":"2026-05-28T14:16:23.753","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"The InputFilter::getInstance() method omitted a security sensitive parameter from the instance cache key."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-524"}]}],"references":[{"url":"https://developer.joomla.org/security-centre/1049-20260517-core-incorrect-cache-key-construction-for-inputfilter-objects.html","source":"security@joomla.org"}]}},{"cve":{"id":"CVE-2026-48902","sourceIdentifier":"security@joomla.org","published":"2026-05-26T17:16:54.970","lastModified":"2026-05-28T14:16:23.920","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"The password and username reset features created plain http links for https connections if the \"Force SSL\" flag wasn't explicitly set."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"references":[{"url":"https://developer.joomla.org/security-centre/1050-20260518-core-transport-encryption-downgrade-for-password-and-username-reset-links.html","source":"security@joomla.org"}]}},{"cve":{"id":"CVE-2026-9572","sourceIdentifier":"cna@vuldb.com","published":"2026-05-26T19:16:34.890","lastModified":"2026-05-28T14:32:47.800","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A security vulnerability has been detected in GPAC up to 2.4.0. Affected by this issue is the function Media_GetSample of the file src/isomedia/media.c of the component MP4Box. Such manipulation of the argument cat leads to memory leak. The attack can only be performed from a local environment. The exploit has been disclosed publicly and may be used. The name of the patch is e79c5cbe8b3fed27f4854ec229457d30c96206f1. It is best practice to apply a patch to resolve this issue."}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:S/C:N/I:N/A:P","baseScore":1.7,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":3.1,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-401"},{"lang":"en","value":"CWE-404"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*","versionEndIncluding":"2.4.0","matchCriteriaId":"3569968C-C15E-4091-B538-8B212A2F16CC"}]}]}],"references":[{"url":"https://github.com/gpac/gpac/","source":"cna@vuldb.com","tags":["Product"]},{"url":"https://github.com/gpac/gpac/commit/e79c5cbe8b3fed27f4854ec229457d30c96206f1","source":"cna@vuldb.com","tags":["Patch"]},{"url":"https://github.com/gpac/gpac/issues/3557","source":"cna@vuldb.com","tags":["Exploit","Issue Tracking"]},{"url":"https://github.com/user-attachments/files/27270415/poc.zip","source":"cna@vuldb.com","tags":["Exploit"]},{"url":"https://vuldb.com/submit/817137","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/vuln/365631","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/vuln/365631/cti","source":"cna@vuldb.com","tags":["Permissions Required","VDB Entry"]},{"url":"https://github.com/gpac/gpac/issues/3557","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Issue Tracking"]},{"url":"https://vuldb.com/submit/817137","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2026-44214","sourceIdentifier":"security-advisories@github.com","published":"2026-05-26T20:16:19.803","lastModified":"2026-05-28T14:30:02.060","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"eventsource-encoder encodes events as well-formed EventSource/Server Sent Event (SSE) messages. Prior to 1.0.2, eventsource-encoder does not sanitize the event or id fields of an EventSourceMessage before serializing them. An attacker who controls either field can inject arbitrary Server-Sent Events line terminators (\\n, \\r, or \\r\\n) and thereby forge additional SSE fields or entire messages on the stream. This vulnerability is fixed in 1.0.2."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-93"},{"lang":"en","value":"CWE-113"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rexxars:eventsource-encoder:*:*:*:*:*:node.js:*:*","versionEndExcluding":"1.0.2","matchCriteriaId":"8177C5C4-DAA1-43A8-A156-EEE62C9080A1"}]}]}],"references":[{"url":"https://github.com/rexxars/eventsource-encoder/security/advisories/GHSA-m9g3-3g99-mhpx","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://github.com/rexxars/eventsource-encoder/security/advisories/GHSA-m9g3-3g99-mhpx","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44708","sourceIdentifier":"security-advisories@github.com","published":"2026-05-26T21:16:38.527","lastModified":"2026-05-28T13:44:30.730","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, the mistune math plugin renders inline math ($...$) and block math ($$...$$) by concatenating the raw user-supplied content directly into the HTML output without any HTML escaping. This occurs even when the parser is explicitly created with escape=True, which is supposed to guarantee that all user-controlled text is sanitised before reaching the DOM. This vulnerability is fixed in 3.2.1."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mistune_project:mistune:*:*:*:*:*:*:*:*","versionEndExcluding":"3.2.1","matchCriteriaId":"A91629D7-7A30-4A3F-B1AD-17FE21D59820"}]}]}],"references":[{"url":"https://github.com/lepture/mistune/releases/tag/v3.2.1","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/lepture/mistune/security/advisories/GHSA-8g87-j6q8-g93x","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/lepture/mistune/security/advisories/GHSA-8g87-j6q8-g93x","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44896","sourceIdentifier":"security-advisories@github.com","published":"2026-05-26T21:16:39.477","lastModified":"2026-05-28T13:43:22.150","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mistune is a Python Markdown parser with renderers and plugins. In 3.2.0 and realier, in src/mistune/directives/image.py, the render_figure() function concatenates figclass and figwidth options directly into HTML attributes without escaping. This allows attribute injection and XSS even when HTMLRenderer(escape=True) is used, because these values bypass the inline renderer."}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mistune_project:mistune:*:*:*:*:*:*:*:*","versionEndIncluding":"3.2.0","matchCriteriaId":"D647BA3B-A532-4964-8200-19F77A0676D0"}]}]}],"references":[{"url":"https://github.com/lepture/mistune/security/advisories/GHSA-58cw-g322-p94v","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44897","sourceIdentifier":"security-advisories@github.com","published":"2026-05-26T21:16:39.657","lastModified":"2026-05-28T13:42:42.863","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, HTMLRenderer.heading() builds the opening tag by string-concatenating the id attribute value directly into the HTML — with no call to escape(), safe_entity(), or any other sanitisation function. A double-quote character \" in the id value terminates the attribute, allowing an attacker to inject arbitrary additional attributes (event handlers, src=, href=, etc.) into the heading element. This vulnerability is fixed in 3.2.1."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mistune_project:mistune:*:*:*:*:*:*:*:*","versionEndExcluding":"3.2.1","matchCriteriaId":"A91629D7-7A30-4A3F-B1AD-17FE21D59820"}]}]}],"references":[{"url":"https://github.com/lepture/mistune/releases/tag/v3.2.1","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/lepture/mistune/security/advisories/GHSA-v87v-83h2-53w7","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44898","sourceIdentifier":"security-advisories@github.com","published":"2026-05-26T21:16:39.810","lastModified":"2026-05-28T13:42:13.527","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, render_toc_ul() builds a