{"resultsPerPage":274,"startIndex":0,"totalResults":274,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-12T09:21:11.659","vulnerabilities":[{"cve":{"id":"CVE-2020-0415","sourceIdentifier":"security@android.com","published":"2020-10-14T14:15:16.937","lastModified":"2026-06-18T14:17:15.643","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In various locations in SystemUI, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure of contact data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.0 Android-8.1Android ID: A-156020795"},{"lang":"es","value":"En varias ubicaciones en SystemUI, se presenta una posible omisión de permisos debido a un PendingIntent no seguro.&#xa0;Esto podría conllevar a una divulgación de información local de los datos de contacto con los privilegios de ejecución User necesarios.&#xa0;No es requerida una interacción del usuario para su explotación. Producto: Android, Versiones: Android-9 Android-10 Android-11 Android-8.0 Android-8.1, ID de Android: A-156020795"}],"affected":[{"source":"security@android.com","affectedData":[{"vendor":"n/a","product":"Android","versions":[{"version":"Android-9 Android-10 Android-11 Android-8.0 Android-8.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T13:50:08.602996Z","id":"CVE-2020-0415","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*","matchCriteriaId":"B578E383-0D77-4AC7-9C81-3F0B8C18E033"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*","matchCriteriaId":"B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*","matchCriteriaId":"8DFAAD08-36DA-4C95-8200-C29FE5B6B854"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D558D965-FA70-4822-A770-419E73BA9ED3"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*","matchCriteriaId":"109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"}]}]}],"references":[{"url":"https://source.android.com/security/bulletin/2020-10-01","source":"security@android.com","tags":["Patch","Vendor Advisory"]},{"url":"https://source.android.com/security/bulletin/2020-10-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2024-9355","sourceIdentifier":"secalert@redhat.com","published":"2024-10-01T19:15:09.793","lastModified":"2026-06-18T13:24:43.140","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum.  It is also possible to force a derived key to be all zeros instead of an unpredictable value.  This may have follow-on implications for the Go TLS stack."},{"lang":"es","value":"Se encontró una vulnerabilidad en Golang FIPS OpenSSL. Esta falla permite que un usuario malintencionado haga que se devuelva aleatoriamente una variable de longitud de búfer no inicializada con un búfer puesto a cero en modo FIPS. También es posible forzar una coincidencia de falso positivo entre hashes no iguales al comparar una suma hmac calculada confiable con una suma de entrada no confiable si un atacante puede enviar un búfer puesto a cero en lugar de una suma calculada previamente. También es posible forzar que una clave derivada sea todo ceros en lugar de un valor impredecible. Esto puede tener implicaciones posteriores para la pila TLS de Go."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"affected","collectionURL":"https://github.com/golang-fips/openssl","packageName":"github.com/golang-fips/openssl"},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhc-worker-script","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:0.10-2.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"go-toolset:rhel8","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"8100020241001112709.a3795dee","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grafana","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:9.2.10-20.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grafana-pcp","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:5.1.1-9.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"golang","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:1.21.13-4.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grafana","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:9.2.10-19.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"osbuild-composer","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:132-1.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"git-lfs","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:3.6.1-1.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grafana-pcp","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"0:5.1.1-4.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Satellite Client 6 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman_ygg_worker","cpes":["cpe:/a:redhat:rhel_satellite_client:6::el10","cpe:/a:redhat:rhel_satellite_client:6::el8","cpe:/a:redhat:rhel_satellite_client:6::el9"],"versions":[{"version":"0:0.3.1-1.el10sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Satellite Client 6 for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman_ygg_worker","cpes":["cpe:/a:redhat:rhel_satellite_client:6::el10","cpe:/a:redhat:rhel_satellite_client:6::el8","cpe:/a:redhat:rhel_satellite_client:6::el9"],"versions":[{"version":"0:0.3.1-1.el8sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Satellite Client 6 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman_ygg_worker","cpes":["cpe:/a:redhat:rhel_satellite_client:6::el10","cpe:/a:redhat:rhel_satellite_client:6::el8","cpe:/a:redhat:rhel_satellite_client:6::el9"],"versions":[{"version":"0:0.3.1-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Streams for Apache Kafka 2.9.0","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"golang-github-danielqsj-kafka_exporter","cpes":["cpe:/a:redhat:amq_streams:2"]},{"vendor":"Red Hat","product":"NBDE Tang Server","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"tang-operator-bundle-container","cpes":["cpe:/a:redhat:network_bound_disk_encryption_tang:1"]},{"vendor":"Red Hat","product":"OpenShift Developer Tools and Services","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"helm","cpes":["cpe:/a:redhat:ocp_tools"]},{"vendor":"Red Hat","product":"OpenShift Developer Tools and Services","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"odo","cpes":["cpe:/a:redhat:ocp_tools"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-pipelines-client","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Serverless","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-serverless-clients","cpes":["cpe:/a:redhat:serverless:1"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 1.2","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"helm","cpes":["cpe:/a:redhat:ansible_automation_platform"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 1.2","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-clients","cpes":["cpe:/a:redhat:ansible_automation_platform"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"automation-gateway-proxy","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"receptor","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"butane","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"conmon","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"containers-common","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"delve","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"git-lfs","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"golang-github-openprinting-ipp-usb","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grafana","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grafana-pcp","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gvisor-tap-vsock","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"ignition","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"osbuild-composer","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsyslog","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"skopeo","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"toolbox","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yggdrasil","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yggdrasil-worker-package-manager","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"host-metering","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"skopeo","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:rhel8/buildah","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:rhel8/conmon","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:rhel8/containernetworking-plugins","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:rhel8/podman","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:rhel8/runc","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:rhel8/skopeo","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:rhel8/toolbox","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"git-lfs","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"osbuild-composer","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhc","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsyslog","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"weldr-client","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"butane","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"conmon","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"containernetworking-plugins","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grafana-pcp","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gvisor-tap-vsock","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"ignition","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"opentelemetry-collector","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsyslog","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"runc","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"skopeo","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"toolbox","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"weldr-client","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"butane","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"conmon","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"conmon-rs","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"containernetworking-plugins","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"cri-o","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"cri-tools","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"golang-github-prometheus-promu","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"ignition","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"lifecycle-agent-operator-bundle-container","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"microshift","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4/bare-metal-event-relay-operator-bundle","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4/numaresources-operator-bundle","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4/ose-aws-efs-csi-driver-container-rhel8","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4/ose-gcp-filestore-csi-driver-rhel8","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4/ose-secrets-store-csi-driver-rhel8","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4/ose-sriov-network-metrics-exporter-rhel9","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4/ose-sriov-rdma-cni-rhel9","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4/ose-vertical-pod-autoscaler-rhel8","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4/rdma-cni-rhel9","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4/sriov-network-metrics-exporter-rhel9","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4/topology-aware-lifecycle-manager-operator-bundle","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-clients","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"ose-aws-ecr-image-credential-provider","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"ose-azure-acr-image-credential-provider","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"ose-gcp-gcr-image-credential-provider","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"runc","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"skopeo","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat Openshift Container Storage 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"mcg","cpes":["cpe:/a:redhat:openshift_container_storage:4"]},{"vendor":"Red Hat","product":"Red Hat Openshift Data Foundation 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"mcg","cpes":["cpe:/a:redhat:openshift_data_foundation:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"devspaces/machineexec-rhel8","cpes":["cpe:/a:redhat:openshift_devspaces:3"]},{"vendor":"Red Hat","product":"Red Hat OpenShift GitOps","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-gitops-1/gitops-operator-bundle","cpes":["cpe:/a:redhat:openshift_gitops:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift on AWS","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rosa","cpes":["cpe:/a:redhat:openshift_service_on_aws:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"kubevirt","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 16.2","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"etcd","cpes":["cpe:/a:redhat:openstack:16.2"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 16.2","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"golang-github-infrawatch-apputils","cpes":["cpe:/a:redhat:openstack:16.2"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 16.2","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"golang-qpid-apache","cpes":["cpe:/a:redhat:openstack:16.2"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 16.2","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"qpid-proton","cpes":["cpe:/a:redhat:openstack:16.2"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 17.1","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"etcd","cpes":["cpe:/a:redhat:openstack:17.1"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 17.1","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"golang-github-infrawatch-apputils","cpes":["cpe:/a:redhat:openstack:17.1"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 17.1","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"golang-qpid-apache","cpes":["cpe:/a:redhat:openstack:17.1"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 17.1","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"qpid-proton","cpes":["cpe:/a:redhat:openstack:17.1"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"qpid-proton","cpes":["cpe:/a:redhat:satellite:6"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"satellite-capsule:el8/qpid-proton","cpes":["cpe:/a:redhat:satellite:6"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"satellite:el8/qpid-proton","cpes":["cpe:/a:redhat:satellite:6"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"satellite:el8/yggdrasil-worker-forwarder","cpes":["cpe:/a:redhat:satellite:6"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yggdrasil","cpes":["cpe:/a:redhat:satellite:6"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yggdrasil-worker-forwarder","cpes":["cpe:/a:redhat:satellite:6"]},{"vendor":"Red Hat","product":"Red Hat Service Interconnect 1","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"qpid-proton","cpes":["cpe:/a:redhat:service_interconnect:1"]},{"vendor":"Red Hat","product":"Red Hat Service Interconnect 1","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"skupper-cli","cpes":["cpe:/a:redhat:service_interconnect:1"]},{"vendor":"Red Hat","product":"Red Hat Service Interconnect 1","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"skupper-router","cpes":["cpe:/a:redhat:service_interconnect:1"]},{"vendor":"Red Hat","product":"Red Hat Storage 3","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"heketi","cpes":["cpe:/a:redhat:storage:3"]},{"vendor":"Red Hat","product":"Red Hat Trusted Artifact Signer","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhtas/fulcio-rhel9","cpes":["cpe:/a:redhat:trusted_artifact_signer:1"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":1.0,"impactScore":5.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-01T18:35:51.670441Z","id":"CVE-2024-9355","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-457"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2024:10133","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:7502","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:7550","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:8327","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:8678","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:8847","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:9551","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2416","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7118","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7256","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7624","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2024-9355","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315719","source":"secalert@redhat.com"},{"url":"https://github.com/golang-fips/openssl/pull/198","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2024-50055","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-10-21T20:15:17.770","lastModified":"2026-06-18T14:29:59.903","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: bus: Fix double free in driver API bus_register()\n\nFor bus_register(), any error which happens after kset_register() will\ncause that @priv are freed twice, fixed by setting @priv with NULL after\nthe first free."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: núcleo del controlador: bus: se corrige la doble liberación en la API del controlador bus_register() Para bus_register(), cualquier error que ocurra después de kset_register() provocará que @priv se libere dos veces, lo que se soluciona configurando @priv con NULL después de la primera liberación."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/base/bus.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3465e2e4a24eef9bc9f21aa29d83fd7000c1da48","lessThan":"d885c464c25018b81a6b58f5d548fc2e3ef87dd1","versionType":"git","status":"affected"},{"version":"3465e2e4a24eef9bc9f21aa29d83fd7000c1da48","lessThan":"9ce15f68abedfae7ae0a35e95895aeddfd0f0c6a","versionType":"git","status":"affected"},{"version":"3465e2e4a24eef9bc9f21aa29d83fd7000c1da48","lessThan":"bfa54a793ba77ef696755b66f3ac4ed00c7d1248","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/base/bus.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.3","status":"affected"},{"version":"0","lessThan":"6.3","versionType":"semver","status":"unaffected"},{"version":"6.6.57","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.11.4","lessThanOrEqual":"6.11.*","versionType":"semver","status":"unaffected"},{"version":"6.12","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-22T13:23:36.877414Z","id":"CVE-2024-50055","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-415"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.4.291","matchCriteriaId":"7D4BCF5F-A64A-4766-A4C7-E33396F9300A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.231","matchCriteriaId":"B5C644CC-2BD7-4E32-BC54-8DCC7ABE9935"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.174","matchCriteriaId":"419FD073-1517-4FD5-8158-F94BC68A1E89"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.120","matchCriteriaId":"09AC6122-E2A4-40FE-9D33-268A1B2EC265"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.57","matchCriteriaId":"05D83DB8-7465-4F88-AFB2-980011992AC1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.11.4","matchCriteriaId":"AA84D336-CE9A-4535-B901-1AD77EC17C34"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/9ce15f68abedfae7ae0a35e95895aeddfd0f0c6a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bfa54a793ba77ef696755b66f3ac4ed00c7d1248","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d885c464c25018b81a6b58f5d548fc2e3ef87dd1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-50063","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-10-21T20:15:18.360","lastModified":"2026-06-18T14:30:12.317","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Prevent tail call between progs attached to different hooks\n\nbpf progs can be attached to kernel functions, and the attached functions\ncan take different parameters or return different return values. If\nprog attached to one kernel function tail calls prog attached to another\nkernel function, the ctx access or return value verification could be\nbypassed.\n\nFor example, if prog1 is attached to func1 which takes only 1 parameter\nand prog2 is attached to func2 which takes two parameters. Since verifier\nassumes the bpf ctx passed to prog2 is constructed based on func2's\nprototype, verifier allows prog2 to access the second parameter from\nthe bpf ctx passed to it. The problem is that verifier does not prevent\nprog1 from passing its bpf ctx to prog2 via tail call. In this case,\nthe bpf ctx passed to prog2 is constructed from func1 instead of func2,\nthat is, the assumption for ctx access verification is bypassed.\n\nAnother example, if BPF LSM prog1 is attached to hook file_alloc_security,\nand BPF LSM prog2 is attached to hook bpf_lsm_audit_rule_known. Verifier\nknows the return value rules for these two hooks, e.g. it is legal for\nbpf_lsm_audit_rule_known to return positive number 1, and it is illegal\nfor file_alloc_security to return positive number. So verifier allows\nprog2 to return positive number 1, but does not allow prog1 to return\npositive number. The problem is that verifier does not prevent prog1\nfrom calling prog2 via tail call. In this case, prog2's return value 1\nwill be used as the return value for prog1's hook file_alloc_security.\nThat is, the return value rule is bypassed.\n\nThis patch adds restriction for tail call to prevent such bypasses."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf: Evitar llamada de cola entre programas adjuntos a diferentes ganchos Los programas bpf se pueden adjuntar a funciones del kernel, y las funciones adjuntas pueden tomar diferentes parámetros o devolver diferentes valores de retorno. Si prog adjunto a una función del kernel llama de cola a prog adjunto a otra función del kernel, se podría omitir la verificación del acceso o del valor de retorno de ctx. Por ejemplo, si prog1 está adjunto a func1 que toma solo 1 parámetro y prog2 está adjunto a func2 que toma dos parámetros. Dado que el verificador asume que el bpf ctx pasado a prog2 se construye en base al prototipo de func2, el verificador permite a prog2 acceder al segundo parámetro del bpf ctx que se le pasa. El problema es que el verificador no impide que prog1 pase su bpf ctx a prog2 mediante llamada de cola. En este caso, el bpf ctx pasado a prog2 se construye a partir de func1 en lugar de func2, es decir, se omite la suposición de verificación de acceso a ctx. Otro ejemplo, si BPF LSM prog1 está conectado al gancho file_alloc_security y BPF LSM prog2 está conectado al gancho bpf_lsm_audit_rule_known. El verificador conoce las reglas de valor de retorno para estos dos ganchos, por ejemplo, es legal que bpf_lsm_audit_rule_known devuelva un número positivo 1 y es ilegal que file_alloc_security devuelva un número positivo. Por lo tanto, el verificador permite que prog2 devuelva un número positivo 1, pero no permite que prog1 devuelva un número positivo. El problema es que el verificador no impide que prog1 llame a prog2 a través de una llamada de cola. En este caso, el valor de retorno 1 de prog2 se utilizará como el valor de retorno para el gancho file_alloc_security de prog1. Es decir, se omite la regla del valor de retorno. Este parche agrega una restricción para la llamada de cola para evitar tales omisiones."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["include/linux/bpf.h","kernel/bpf/core.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"f1b9509c2fb0ef4db8d22dac9aef8e856a5d81f6","lessThan":"d9a807fb7cbfad4328824186e2e4bee28f72169b","versionType":"git","status":"affected"},{"version":"f1b9509c2fb0ef4db8d22dac9aef8e856a5d81f6","lessThan":"5d5e3b4cbe8ee16b7bf96fd73a421c92a9da3ca1","versionType":"git","status":"affected"},{"version":"f1b9509c2fb0ef4db8d22dac9aef8e856a5d81f6","lessThan":"88c2a10e6c176c2860cd0659f4c0e9d20b3f64d1","versionType":"git","status":"affected"},{"version":"f1b9509c2fb0ef4db8d22dac9aef8e856a5d81f6","lessThan":"28ead3eaabc16ecc907cfb71876da028080f6356","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["include/linux/bpf.h","kernel/bpf/core.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.5","status":"affected"},{"version":"0","lessThan":"5.5","versionType":"semver","status":"unaffected"},{"version":"6.1.135","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.57","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.11.4","lessThanOrEqual":"6.11.*","versionType":"semver","status":"unaffected"},{"version":"6.12","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-22T13:22:37.407385Z","id":"CVE-2024-50063","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"6.1.135","matchCriteriaId":"82ECCC22-EA22-4DC0-97D6-F7DAB414D02A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.57","matchCriteriaId":"05D83DB8-7465-4F88-AFB2-980011992AC1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.11.4","matchCriteriaId":"AA84D336-CE9A-4535-B901-1AD77EC17C34"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/28ead3eaabc16ecc907cfb71876da028080f6356","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5d5e3b4cbe8ee16b7bf96fd73a421c92a9da3ca1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/88c2a10e6c176c2860cd0659f4c0e9d20b3f64d1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d9a807fb7cbfad4328824186e2e4bee28f72169b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-50067","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-10-28T01:15:02.930","lastModified":"2026-06-18T14:30:19.873","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nuprobe: avoid out-of-bounds memory access of fetching args\n\nUprobe needs to fetch args into a percpu buffer, and then copy to ring\nbuffer to avoid non-atomic context problem.\n\nSometimes user-space strings, arrays can be very large, but the size of\npercpu buffer is only page size. And store_trace_args() won't check\nwhether these data exceeds a single page or not, caused out-of-bounds\nmemory access.\n\nIt could be reproduced by following steps:\n1. build kernel with CONFIG_KASAN enabled\n2. save follow program as test.c\n\n```\n\\#include <stdio.h>\n\\#include <stdlib.h>\n\\#include <string.h>\n\n// If string length large than MAX_STRING_SIZE, the fetch_store_strlen()\n// will return 0, cause __get_data_size() return shorter size, and\n// store_trace_args() will not trigger out-of-bounds access.\n// So make string length less than 4096.\n\\#define STRLEN 4093\n\nvoid generate_string(char *str, int n)\n{\n    int i;\n    for (i = 0; i < n; ++i)\n    {\n        char c = i % 26 + 'a';\n        str[i] = c;\n    }\n    str[n-1] = '\\0';\n}\n\nvoid print_string(char *str)\n{\n    printf(\"%s\\n\", str);\n}\n\nint main()\n{\n    char tmp[STRLEN];\n\n    generate_string(tmp, STRLEN);\n    print_string(tmp);\n\n    return 0;\n}\n```\n3. compile program\n`gcc -o test test.c`\n\n4. get the offset of `print_string()`\n```\nobjdump -t test | grep -w print_string\n0000000000401199 g     F .text  000000000000001b              print_string\n```\n\n5. configure uprobe with offset 0x1199\n```\noff=0x1199\n\ncd /sys/kernel/debug/tracing/\necho \"p /root/test:${off} arg1=+0(%di):ustring arg2=\\$comm arg3=+0(%di):ustring\"\n > uprobe_events\necho 1 > events/uprobes/enable\necho 1 > tracing_on\n```\n\n6. run `test`, and kasan will report error.\n==================================================================\nBUG: KASAN: use-after-free in strncpy_from_user+0x1d6/0x1f0\nWrite of size 8 at addr ffff88812311c004 by task test/499CPU: 0 UID: 0 PID: 499 Comm: test Not tainted 6.12.0-rc3+ #18\nHardware name: Red Hat KVM, BIOS 1.16.0-4.al8 04/01/2014\nCall Trace:\n <TASK>\n dump_stack_lvl+0x55/0x70\n print_address_description.constprop.0+0x27/0x310\n kasan_report+0x10f/0x120\n ? strncpy_from_user+0x1d6/0x1f0\n strncpy_from_user+0x1d6/0x1f0\n ? rmqueue.constprop.0+0x70d/0x2ad0\n process_fetch_insn+0xb26/0x1470\n ? __pfx_process_fetch_insn+0x10/0x10\n ? _raw_spin_lock+0x85/0xe0\n ? __pfx__raw_spin_lock+0x10/0x10\n ? __pte_offset_map+0x1f/0x2d0\n ? unwind_next_frame+0xc5f/0x1f80\n ? arch_stack_walk+0x68/0xf0\n ? is_bpf_text_address+0x23/0x30\n ? kernel_text_address.part.0+0xbb/0xd0\n ? __kernel_text_address+0x66/0xb0\n ? unwind_get_return_address+0x5e/0xa0\n ? __pfx_stack_trace_consume_entry+0x10/0x10\n ? arch_stack_walk+0xa2/0xf0\n ? _raw_spin_lock_irqsave+0x8b/0xf0\n ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n ? depot_alloc_stack+0x4c/0x1f0\n ? _raw_spin_unlock_irqrestore+0xe/0x30\n ? stack_depot_save_flags+0x35d/0x4f0\n ? kasan_save_stack+0x34/0x50\n ? kasan_save_stack+0x24/0x50\n ? mutex_lock+0x91/0xe0\n ? __pfx_mutex_lock+0x10/0x10\n prepare_uprobe_buffer.part.0+0x2cd/0x500\n uprobe_dispatcher+0x2c3/0x6a0\n ? __pfx_uprobe_dispatcher+0x10/0x10\n ? __kasan_slab_alloc+0x4d/0x90\n handler_chain+0xdd/0x3e0\n handle_swbp+0x26e/0x3d0\n ? __pfx_handle_swbp+0x10/0x10\n ? uprobe_pre_sstep_notifier+0x151/0x1b0\n irqentry_exit_to_user_mode+0xe2/0x1b0\n asm_exc_int3+0x39/0x40\nRIP: 0033:0x401199\nCode: 01 c2 0f b6 45 fb 88 02 83 45 fc 01 8b 45 fc 3b 45 e4 7c b7 8b 45 e4 48 98 48 8d 50 ff 48 8b 45 e8 48 01 d0 ce\nRSP: 002b:00007ffdf00576a8 EFLAGS: 00000206\nRAX: 00007ffdf00576b0 RBX: 0000000000000000 RCX: 0000000000000ff2\nRDX: 0000000000000ffc RSI: 0000000000000ffd RDI: 00007ffdf00576b0\nRBP: 00007ffdf00586b0 R08: 00007feb2f9c0d20 R09: 00007feb2f9c0d20\nR10: 0000000000000001 R11: 0000000000000202 R12: 0000000000401040\nR13: 00007ffdf0058780 R14: 0000000000000000 R15: 0000000000000000\n </TASK>\n\nThis commit enforces the buffer's maxlen less than a page-size to avoid\nstore_trace_args() out-of-memory access."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: uprobe: evitar el acceso a memoria fuera de los límites para obtener argumentos. Uprobe necesita obtener argumentos en un búfer por CPU y luego copiarlos en el búfer de anillo para evitar problemas de contexto no atómico. A veces, las cadenas y matrices del espacio de usuario pueden ser muy grandes, pero el tamaño del búfer por CPU es solo el tamaño de la página. Y store_trace_args() no verificará si estos datos exceden una sola página o no, lo que provocó un acceso a memoria fuera de los límites. Se puede reproducir siguiendo los pasos: 1. compilar el kernel con CONFIG_KASAN habilitado 2. guardar el siguiente programa como test.c ``` \\#include  \\#include  \\#include  // Si la longitud de la cadena es mayor que MAX_STRING_SIZE, fetch_store_strlen() // devolverá 0, lo que hará que __get_data_size() devuelva un tamaño menor y // store_trace_args() no active el acceso fuera de los límites. // Entonces haga que la longitud de la cadena sea menor que 4096. \\#define STRLEN 4093 void generate_string(char *str, int n) { int i; for (i = 0; i &lt; n; ++i) { char c = i % 26 + 'a'; str[i] = c; } str[n-1] = '\\0'; } void print_string(char *str) { printf(\"%s\\n\", str); } int main() { char tmp[STRLEN]; generate_string(tmp, STRLEN); print_string(tmp); return 0; } ``` 3. compilar el programa `gcc -o test test.c` 4. obtener el desplazamiento de `print_string()` ``` objdump -t test | grep -w print_string 0000000000401199 g F .text 000000000000001b print_string ``` 5. configure uprobe con desplazamiento 0x1199 ``` off=0x1199 cd /sys/kernel/debug/tracing/ echo \"p /root/test:${off} arg1=+0(%di):ustring arg2=\\$comm arg3=+0(%di):ustring\" &gt; uprobe_events echo 1 &gt; events/uprobes/enable echo 1 &gt; tracing_on ``` 6. ejecute `test` y kasan informará el error. ===================================================================== ERROR: KASAN: use-after-free en strncpy_from_user+0x1d6/0x1f0 Escritura de tamaño 8 en la dirección ffff88812311c004 por la tarea test/499CPU: 0 UID: 0 PID: 499 Comm: test No contaminado 6.12.0-rc3+ #18 Nombre del hardware: Red Hat KVM, BIOS 1.16.0-4.al8 01/04/2014 Rastreo de llamadas:  dump_stack_lvl+0x55/0x70 descripción_dirección_impresión.constprop.0+0x27/0x310 informe_kasan+0x10f/0x120 ? strncpy_desde_usuario+0x1d6/0x1f0 strncpy_desde_usuario+0x1d6/0x1f0 ? rmqueue.constprop.0+0x70d/0x2ad0 inserción_obtención_proceso+0xb26/0x1470 ? __pfx_instrucción_obtención_proceso+0x10/0x10 ? _bloqueo_giro_sin_procesamiento+0x85/0xe0 ? __pfx__bloqueo_giro_sin_procesamiento+0x10/0x10 ? __pte_offset_map+0x1f/0x2d0 ? desenrollar_siguiente_fotograma+0xc5f/0x1f80 ? arch_stack_walk+0x68/0xf0 ? is_bpf_text_address+0x23/0x30 ? kernel_text_address.part.0+0xbb/0xd0 ? __kernel_text_address+0x66/0xb0 ? unwind_get_return_address+0x5e/0xa0 ? __pfx_stack_trace_consume_entry+0x10/0x10 ? arch_stack_walk+0xa2/0xf0 ? _raw_spin_lock_irqsave+0x8b/0xf0 ? __pfx__raw_spin_lock_irqsave+0x10/0x10 ? depot_alloc_stack+0x4c/0x1f0 ? __pfx_uprobe_dispatcher+0x10/0x10 ? __kasan_slab_alloc+0x4d/0x90 handler_chain+0xdd/0x3e0 handle_swbp+0x26e/0x3d0 ? __pfx_handle_swbp+0x10/0x10 ? uprobe_pre_sstep_notifier+0x151/0x1b0 irqentry_exit_to_user_mode+0xe2/0x1b0 asm_exc_int3+0x39/0x40 RIP: 0033:0x401199 Código: 01 c2 0f b6 45 fb 88 02 83 45 fc 01 8b 45 fc 3b 45 e4 7c b7 8b 45 e4 48 98 48 8d 50 ff 48 8b 45 e8 48 01 d0 ce RSP: 002b:00007ffdf00576a8 EFLAGS: 00000206 RAX: 00007ffdf00576b0 RBX: 0000000000000000 RCX: 0000000000000ff2 RDX: 0000000000000ffc RSI: 0000000000000ffd RDI: 00007ffdf00576b0 RBP: 00007ffdf00586b0 R08: 00007feb2f9c0d20 R09: 00007feb2f9c0d20 R10: 000000000000001 R11: 0000000000000202 R12: 0000000000401040 R13: 00007ffdf0058780 R14: 00000000000000000 R15: 0000000000000000  Esta confirmación hace que la longitud máxima del búfer sea menor que el tamaño de una página para evitar el acceso fuera de memoria a store_trace_args()."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["kernel/trace/trace_uprobe.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"dcad1a204f72624796ae83359403898d10393b9c","lessThan":"0dc3ad9ad2188da7f090b3dbe4d2fcd9ae8ae64f","versionType":"git","status":"affected"},{"version":"dcad1a204f72624796ae83359403898d10393b9c","lessThan":"9e5f93788c9dd4309e75a56860a1ac44a8e117b9","versionType":"git","status":"affected"},{"version":"dcad1a204f72624796ae83359403898d10393b9c","lessThan":"537ad4a431f6dddbf15d40d19f24bb9ee12b55cb","versionType":"git","status":"affected"},{"version":"dcad1a204f72624796ae83359403898d10393b9c","lessThan":"373b9338c9722a368925d83bc622c596896b328e","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["kernel/trace/trace_uprobe.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3.14","status":"affected"},{"version":"0","lessThan":"3.14","versionType":"semver","status":"unaffected"},{"version":"6.1.118","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.59","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.11.6","lessThanOrEqual":"6.11.*","versionType":"semver","status":"unaffected"},{"version":"6.12","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-12-11T14:49:09.097229Z","id":"CVE-2024-50067","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.14","versionEndExcluding":"6.1.118","matchCriteriaId":"47057BC5-54AC-4904-B963-C59598383A9D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.59","matchCriteriaId":"5D15CA59-D15C-4ACD-8B03-A072DEAD2081"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.11.6","matchCriteriaId":"E4486B12-007B-4794-9857-F07145637AA1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*","matchCriteriaId":"7F361E1D-580F-4A2D-A509-7615F73167A1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*","matchCriteriaId":"925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*","matchCriteriaId":"3C95E234-D335-4B6C-96BF-E2CEBD8654ED"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*","matchCriteriaId":"E0F717D8-3014-4F84-8086-0124B2111379"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0dc3ad9ad2188da7f090b3dbe4d2fcd9ae8ae64f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/373b9338c9722a368925d83bc622c596896b328e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/537ad4a431f6dddbf15d40d19f24bb9ee12b55cb","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9e5f93788c9dd4309e75a56860a1ac44a8e117b9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-9342","sourceIdentifier":"emo@eclipse.org","published":"2025-07-16T11:15:23.727","lastModified":"2026-06-18T14:17:17.727","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Eclipse GlassFish versions before 8.0.3 it is possible to perform Login Brute Force attacks as there is no limitation in the number of failed login attempts. GlassFish 8.0.3 adds automatic attack protection documented in  https://glassfish.org/docs/latest/security-guide.html#brute-force-attack-protection ."},{"lang":"es","value":"En Eclipse GlassFish versión 7.0.16 o anteriores, es posible realizar ataques de fuerza bruta de inicio de sesión, ya que no hay límite en la cantidad de intentos fallidos de inicio de sesión."}],"affected":[{"source":"emo@eclipse.org","affectedData":[{"vendor":"Eclipse Foundation","product":"Eclipse Glassfish","defaultStatus":"unaffected","versions":[{"version":"5.1.0","versionType":"semver","status":"affected"},{"version":"6.0.0","lessThanOrEqual":"6.2.5","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.25","versionType":"semver","status":"affected"},{"version":"7.1.0","versionType":"semver","status":"affected"},{"version":"8.0.0","lessThan":"8.0.3","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"emo@eclipse.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-07-16T14:28:27.927901Z","id":"CVE-2024-9342","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"emo@eclipse.org","type":"Secondary","description":[{"lang":"en","value":"CWE-307"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:eclipse:glassfish:7.0.16:*:*:*:*:*:*:*","matchCriteriaId":"828489CE-9554-45A6-9D05-E43ABC8A04AE"}]}]}],"references":[{"url":"https://gitlab.eclipse.org/security/cve-assignement/-/issues/33","source":"emo@eclipse.org","tags":["Issue Tracking"]}]}},{"cve":{"id":"CVE-2025-38415","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-07-25T14:15:33.250","lastModified":"2026-06-18T21:16:28.157","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nSquashfs: check return result of sb_min_blocksize\n\nSyzkaller reports an \"UBSAN: shift-out-of-bounds in squashfs_bio_read\" bug.\n\nSyzkaller forks multiple processes which after mounting the Squashfs\nfilesystem, issues an ioctl(\"/dev/loop0\", LOOP_SET_BLOCK_SIZE, 0x8000). \nNow if this ioctl occurs at the same time another process is in the\nprocess of mounting a Squashfs filesystem on /dev/loop0, the failure\noccurs.  When this happens the following code in squashfs_fill_super()\nfails.\n\n----\nmsblk->devblksize = sb_min_blocksize(sb, SQUASHFS_DEVBLK_SIZE);\nmsblk->devblksize_log2 = ffz(~msblk->devblksize);\n----\n\nsb_min_blocksize() returns 0, which means msblk->devblksize is set to 0.\n\nAs a result, ffz(~msblk->devblksize) returns 64, and msblk->devblksize_log2\nis set to 64.\n\nThis subsequently causes the\n\nUBSAN: shift-out-of-bounds in fs/squashfs/block.c:195:36\nshift exponent 64 is too large for 64-bit type 'u64' (aka\n'unsigned long long')\n\nThis commit adds a check for a 0 return by sb_min_blocksize()."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Squashfs: comprobar el resultado devuelto de sb_min_blocksize. Syzkaller informa del error \"UBSAN: desplazamiento fuera de los límites en squashfs_bio_read\". Syzkaller bifurca varios procesos que, tras montar el sistema de archivos Squashfs, emiten una instrucción ioctl(\"/dev/loop0\", LOOP_SET_BLOCK_SIZE, 0x8000). Si esta instrucción ioctl se produce al mismo tiempo que otro proceso está montando un sistema de archivos Squashfs en /dev/loop0, se produce el fallo. En este caso, el siguiente código en squashfs_fill_super() falla: ---- msblk-&gt;devblksize = sb_min_blocksize(sb, SQUASHFS_DEVBLK_SIZE); msblk-&gt;devblksize_log2 = ffz(~msblk-&gt;devblksize); ---- sb_min_blocksize() devuelve 0, lo que significa que msblk-&gt;devblksize está establecido en 0. Como resultado, ffz(~msblk-&gt;devblksize) devuelve 64 y msblk-&gt;devblksize_log2 está establecido en 64. Esto posteriormente provoca el UBSAN: shift-out-of-bounds en fs/squashfs/block.c:195:36 el exponente de desplazamiento 64 es demasiado grande para el tipo de 64 bits 'u64' (también conocido como 'unsigned long long') Esta confirmación agrega una comprobación para un retorno de 0 por sb_min_blocksize()."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["fs/squashfs/super.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"0aa666190509ffab81c202c5095a166be23961ac","lessThan":"db7096ea160e40d78c67fce52e7cc51bde049497","versionType":"git","status":"affected"},{"version":"0aa666190509ffab81c202c5095a166be23961ac","lessThan":"549f9e3d7b60d53808c98b9fde49b4f46d0524a5","versionType":"git","status":"affected"},{"version":"0aa666190509ffab81c202c5095a166be23961ac","lessThan":"5c51aa862cbeed2f3887f0382a2708956710bd68","versionType":"git","status":"affected"},{"version":"0aa666190509ffab81c202c5095a166be23961ac","lessThan":"6abf6b78c6fb112eee495f5636ffcc350dd2ce25","versionType":"git","status":"affected"},{"version":"0aa666190509ffab81c202c5095a166be23961ac","lessThan":"4f99357dadbf9c979ad737156ad4c37fadf7c56b","versionType":"git","status":"affected"},{"version":"0aa666190509ffab81c202c5095a166be23961ac","lessThan":"0aff95d9bc7fb5400ca8af507429c4b067bdb425","versionType":"git","status":"affected"},{"version":"0aa666190509ffab81c202c5095a166be23961ac","lessThan":"295ab18c2dbce8d0ac6ecf7c5187e16e1ac8b282","versionType":"git","status":"affected"},{"version":"0aa666190509ffab81c202c5095a166be23961ac","lessThan":"734aa85390ea693bb7eaf2240623d41b03705c84","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["fs/squashfs/super.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.29","status":"affected"},{"version":"0","lessThan":"2.6.29","versionType":"semver","status":"unaffected"},{"version":"5.4.295","lessThanOrEqual":"5.4.*","versionType":"semver","status":"unaffected"},{"version":"5.10.239","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.186","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.142","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.94","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.34","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.15.3","lessThanOrEqual":"6.15.*","versionType":"semver","status":"unaffected"},{"version":"6.16","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T20:55:21.631432Z","id":"CVE-2025-38415","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.29","versionEndExcluding":"5.4.295","matchCriteriaId":"D5BDC9F5-7B03-44B2-BD32-CD273F349554"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.239","matchCriteriaId":"C3D14F4C-A21E-465D-A928-5CCE684E2B98"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.186","matchCriteriaId":"D96F2C0D-0D4A-4658-AD34-D8A626EA422D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.142","matchCriteriaId":"459B4E94-FE0E-434D-B782-95E3A5FFC6B1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.94","matchCriteriaId":"304E3F01-7D7A-4908-994E-7F95C5C00B06"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.34","matchCriteriaId":"4FFA54AA-CDFE-4591-BD07-72813D0948F4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.15.3","matchCriteriaId":"0541C761-BD5E-4C1A-8432-83B375D7EB92"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0aff95d9bc7fb5400ca8af507429c4b067bdb425","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/295ab18c2dbce8d0ac6ecf7c5187e16e1ac8b282","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4f99357dadbf9c979ad737156ad4c37fadf7c56b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/549f9e3d7b60d53808c98b9fde49b4f46d0524a5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5c51aa862cbeed2f3887f0382a2708956710bd68","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6abf6b78c6fb112eee495f5636ffcc350dd2ce25","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/734aa85390ea693bb7eaf2240623d41b03705c84","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/db7096ea160e40d78c67fce52e7cc51bde049497","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-53543","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-10-04T16:15:49.413","lastModified":"2026-06-18T14:29:50.373","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nvdpa: Add max vqp attr to vdpa_nl_policy for nlattr length check\n\nThe vdpa_nl_policy structure is used to validate the nlattr when parsing\nthe incoming nlmsg. It will ensure the attribute being described produces\na valid nlattr pointer in info->attrs before entering into each handler\nin vdpa_nl_ops.\n\nThat is to say, the missing part in vdpa_nl_policy may lead to illegal\nnlattr after parsing, which could lead to OOB read just like CVE-2023-3773.\n\nThis patch adds the missing nla_policy for vdpa max vqp attr to avoid\nsuch bugs."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/vdpa/vdpa.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"447092100c7e71aa20469a270fcee441d807ed58","lessThan":"baed19c108ac8287425b93a44985bbe9a0b1af8d","versionType":"git","status":"affected"},{"version":"ad69dd0bf26b88ec6ab26f8bbe5cd74fbed7672a","lessThan":"ff71709445ac033e6e250d971683110e4781c068","versionType":"git","status":"affected"},{"version":"ad69dd0bf26b88ec6ab26f8bbe5cd74fbed7672a","lessThan":"ea65e8b5e6b1a34deda7564f09c90e9e80db436a","versionType":"git","status":"affected"},{"version":"ad69dd0bf26b88ec6ab26f8bbe5cd74fbed7672a","lessThan":"5d6ba607d6cb5c58a4ddf33381e18c83dbb4098f","versionType":"git","status":"affected"},{"version":"5.15.198","lessThan":"5.15.209","versionType":"semver","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/vdpa/vdpa.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.16","status":"affected"},{"version":"0","lessThan":"5.16","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.47","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.4.12","lessThanOrEqual":"6.4.*","versionType":"semver","status":"unaffected"},{"version":"6.5","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15.198","versionEndExcluding":"5.15.209","matchCriteriaId":"75280299-0943-4EBD-B331-7D921E2A8AD5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.47","matchCriteriaId":"2EEA01B0-0151-4E0F-B140-1A441EEDD717"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.4.12","matchCriteriaId":"CF8ECF64-40AE-49AB-8315-4D83F9F56ECF"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.5:rc1:*:*:*:*:*:*","matchCriteriaId":"0B3E6E4D-E24E-4630-B00C-8C9901C597B0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.5:rc2:*:*:*:*:*:*","matchCriteriaId":"E4A01A71-0F09-4DB2-A02F-7EFFBE27C98D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.5:rc3:*:*:*:*:*:*","matchCriteriaId":"F5608371-157A-4318-8A2E-4104C3467EA1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.5:rc4:*:*:*:*:*:*","matchCriteriaId":"2226A776-DF8C-49E0-A030-0A7853BB018A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.5:rc5:*:*:*:*:*:*","matchCriteriaId":"6F15C659-DF06-455A-9765-0E6DE920F29A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.5:rc6:*:*:*:*:*:*","matchCriteriaId":"5B1C14ED-ABC4-41D3-8D9C-D38C6A65B4DE"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/5d6ba607d6cb5c58a4ddf33381e18c83dbb4098f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/baed19c108ac8287425b93a44985bbe9a0b1af8d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ea65e8b5e6b1a34deda7564f09c90e9e80db436a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ff71709445ac033e6e250d971683110e4781c068","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2023-53596","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-10-04T16:15:56.153","lastModified":"2026-06-18T14:30:05.657","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: base: Free devm resources when unregistering a device\n\nIn the current code, devres_release_all() only gets called if the device\nhas a bus and has been probed.\n\nThis leads to issues when using bus-less or driver-less devices where\nthe device might never get freed if a managed resource holds a reference\nto the device. This is happening in the DRM framework for example.\n\nWe should thus call devres_release_all() in the device_del() function to\nmake sure that the device-managed actions are properly executed when the\ndevice is unregistered, even if it has neither a bus nor a driver.\n\nThis is effectively the same change than commit 2f8d16a996da (\"devres:\nrelease resources on device_del()\") that got reverted by commit\na525a3ddeaca (\"driver core: free devres in device_release\") over\nmemory leaks concerns.\n\nThis patch effectively combines the two commits mentioned above to\nrelease the resources both on device_del() and device_release() and get\nthe best of both worlds."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/base/core.c","drivers/base/test/platform-device-test.c","drivers/base/test/root-device-test.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"a525a3ddeaca69f405d98442ab3c0746e53168dc","lessThan":"83e2ec36a92432e9445e853c12becbbae353b511","versionType":"git","status":"affected"},{"version":"a525a3ddeaca69f405d98442ab3c0746e53168dc","lessThan":"b9ef4b0aa91d2f9f5951faafdbbd47cf01799ec3","versionType":"git","status":"affected"},{"version":"a525a3ddeaca69f405d98442ab3c0746e53168dc","lessThan":"297992e5c63528e603666e36081836204fc36ec9","versionType":"git","status":"affected"},{"version":"a525a3ddeaca69f405d98442ab3c0746e53168dc","lessThan":"3bcc4c2a096e8342c8c719e595ce15de212694dd","versionType":"git","status":"affected"},{"version":"a525a3ddeaca69f405d98442ab3c0746e53168dc","lessThan":"c8c426fae26086a0ca8ab6cc6da2de79810ec038","versionType":"git","status":"affected"},{"version":"a525a3ddeaca69f405d98442ab3c0746e53168dc","lessThan":"699fb50d99039a50e7494de644f96c889279aca3","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/base/core.c","drivers/base/test/platform-device-test.c","drivers/base/test/root-device-test.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3.7","status":"affected"},{"version":"0","lessThan":"3.7","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.53","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.4.16","lessThanOrEqual":"6.4.*","versionType":"semver","status":"unaffected"},{"version":"6.5.3","lessThanOrEqual":"6.5.*","versionType":"semver","status":"unaffected"},{"version":"6.6","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-415"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.7","versionEndExcluding":"5.10.258","matchCriteriaId":"E5E8C954-76D2-41E6-8C01-1844EC5AA2BD"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.53","matchCriteriaId":"B20754AF-3B8C-4574-A70D-EC24933810E5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.4.16","matchCriteriaId":"C3039EA3-F6CA-43EF-9F17-81A7EC6841EF"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5","versionEndExcluding":"6.5.3","matchCriteriaId":"880C803A-BEAE-4DA0-8A59-AC023F7B4EE3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/297992e5c63528e603666e36081836204fc36ec9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3bcc4c2a096e8342c8c719e595ce15de212694dd","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/699fb50d99039a50e7494de644f96c889279aca3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/83e2ec36a92432e9445e853c12becbbae353b511","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b9ef4b0aa91d2f9f5951faafdbbd47cf01799ec3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c8c426fae26086a0ca8ab6cc6da2de79810ec038","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-39813","sourceIdentifier":"psirt@fortinet.com","published":"2026-04-14T16:16:45.680","lastModified":"2026-06-18T13:25:36.770","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A path traversal: '../filedir' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8 may allow attacker to escalation of privilege via specially crafted HTTP requests."}],"affected":[{"source":"psirt@fortinet.com","affectedData":[{"vendor":"Fortinet","product":"FortiSandbox","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortisandbox:5.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:*"],"versions":[{"version":"5.0.0","lessThanOrEqual":"5.0.5","versionType":"semver","status":"affected"},{"version":"4.4.0","lessThanOrEqual":"4.4.8","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiSandbox Cloud","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortisandboxcloud:24.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxcloud:23.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxcloud:5.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxcloud:5.0.4:*:*:*:*:*:*:*"],"versions":[{"version":"24.1","status":"affected"},{"version":"23.4","status":"affected"},{"version":"5.0.4","lessThanOrEqual":"5.0.5","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-14T00:00:00+00:00","id":"CVE-2026-39813","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-24"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.0","versionEndExcluding":"4.4.9","matchCriteriaId":"0025C9C0-8D61-4563-96F9-F4E09DD83B26"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndExcluding":"5.0.6","matchCriteriaId":"3AAEF316-2134-4398-911C-E7532CD3AFF2"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-26-112","source":"psirt@fortinet.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-6691","sourceIdentifier":"cna@mongodb.com","published":"2026-05-06T16:16:11.483","lastModified":"2026-06-18T17:18:13.887","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The MongoDB C Driver's Cyrus SASL integration performs unsafe string copying during username canonicalization, enabling a heap buffer overflow before any authentication or network traffic. This may be triggered by passing untrusted input in the username of a MongoDB URI with authMechanism=GSSAPI."}],"affected":[{"source":"cna@mongodb.com","affectedData":[{"vendor":"MongoDB Inc.","product":"MongoDB C Driver","defaultStatus":"unaffected","versions":[{"version":"2.1.0","lessThanOrEqual":"2.1.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@mongodb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@mongodb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-06T00:00:00+00:00","id":"CVE-2026-6691","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@mongodb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:c_driver:*:*:*:*:*:mongodb:*:*","versionStartIncluding":"2.1.0","versionEndExcluding":"2.1.2","matchCriteriaId":"20A70BF6-DFE0-4114-B073-2F91E8FCDDE6"}]}]}],"references":[{"url":"https://jira.mongodb.org/browse/CDRIVER-6134","source":"cna@mongodb.com","tags":["Patch","Vendor Advisory","Issue Tracking"]}]}},{"cve":{"id":"CVE-2026-44916","sourceIdentifier":"cve@mitre.org","published":"2026-05-08T07:16:29.163","lastModified":"2026-06-18T17:23:02.910","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In OpenStack Ironic before 35.0.2 (in a certain non-default configuration), instance_info['ks_template'] is rendered without sandboxing."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"OpenStack","product":"Ironic","defaultStatus":"unaffected","versions":[{"version":"17.0.0","lessThan":"26.1.7","versionType":"semver","status":"affected"},{"version":"27.0.0","lessThan":"29.0.6","versionType":"semver","status":"affected"},{"version":"30.0.0","lessThan":"32.0.2","versionType":"semver","status":"affected"},{"version":"33.0.0","lessThan":"35.0.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N","baseScore":3.0,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.3,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-08T12:50:26.825911Z","id":"CVE-2026-44916","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-1336"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*","versionStartIncluding":"17.0.0","versionEndExcluding":"26.1.7","matchCriteriaId":"558B49D8-65AB-4B54-AB54-8AF5A30EE231"},{"vulnerable":true,"criteria":"cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*","versionStartIncluding":"27.0.0","versionEndExcluding":"29.0.6","matchCriteriaId":"90636852-4D41-49C1-B5BA-1A035E81D28E"},{"vulnerable":true,"criteria":"cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*","versionStartIncluding":"30.0.0","versionEndExcluding":"32.0.2","matchCriteriaId":"D9F7CCC1-79C3-46B3-8A70-9074EEC0253F"},{"vulnerable":true,"criteria":"cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*","versionStartIncluding":"33.0.0","versionEndExcluding":"35.0.2","matchCriteriaId":"4EDE56FA-F5A7-4CB3-AF67-C936A03560DE"}]}]}],"references":[{"url":"https://bugs.launchpad.net/ironic/+bug/2148307","source":"cve@mitre.org","tags":["Issue Tracking","Mitigation","Third Party Advisory"]},{"url":"https://security.openstack.org/ossa/OSSA-2026-012.html","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/05/11/7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-32175","sourceIdentifier":"secure@microsoft.com","published":"2026-05-12T18:16:58.737","lastModified":"2026-06-18T17:29:32.797","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could write arbitrary files and directories to certain locations on a vulnerable system. However, an attacker would have limited control over the destination of the files and directories.\nTo exploit the vulnerability, an attacker must send a specially crafted file to a vulnerable system.\nThe security update fixes the vulnerability by ensuring .NET Core properly handles files."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":".NET 10.0","versions":[{"version":"10.0.0","lessThan":"10.0.8","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":".NET 8.0","versions":[{"version":"8.0.0","lessThan":"8.0.27","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":".NET 9.0","versions":[{"version":"9.0.0","lessThan":"9.0.16","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Visual Studio 2022 version 17.12","versions":[{"version":"17.12.0","lessThan":"17.12.20","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Visual Studio 2022 version 17.14","versions":[{"version":"17.14.0","lessThan":"17.14.32","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Visual Studio 2026 version 18.5","versions":[{"version":"18.5.0","lessThan":"18.5.3","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-12T19:22:38.751667Z","id":"CVE-2026-32175","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-36"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*","versionStartIncluding":"17.12.0","versionEndExcluding":"17.12.20","matchCriteriaId":"84C9D69D-F0FC-465F-94B8-832EB58B6788"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*","versionStartIncluding":"17.14.0","versionEndExcluding":"17.14.32","matchCriteriaId":"450E6D45-68A5-4C90-869C-20A314303B12"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_studio_2026:*:*:*:*:*:*:*:*","versionStartIncluding":"18.5.0","versionEndExcluding":"18.5.3","matchCriteriaId":"6538F8A2-3412-4A67-98DC-CD3A7BC4117E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0","versionEndExcluding":"8.0.27","matchCriteriaId":"22FEE1A6-0E92-4E1A-B3C0-AD8DF6EE7B7B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.0","versionEndExcluding":"9.0.16","matchCriteriaId":"1F144BCB-8CEA-451A-9048-2A706EA67262"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32175","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-32204","sourceIdentifier":"secure@microsoft.com","published":"2026-05-12T18:17:00.620","lastModified":"2026-06-18T17:27:38.907","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"External control of file name or path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Azure Monitor","versions":[{"version":"1.0.0","lessThan":"1.14.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T03:56:09.067750Z","id":"CVE-2026-32204","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-73"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-610"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:azure_monitor_agent:*:*:*:*:*:*:*:*","versionEndExcluding":"1.14.0","matchCriteriaId":"CB158970-6E2C-4AFC-B51D-31498F393A6F"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32204","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-33833","sourceIdentifier":"secure@microsoft.com","published":"2026-05-12T18:17:05.160","lastModified":"2026-06-18T17:27:00.880","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper neutralization of special elements in output used by a downstream component ('injection') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Azure Machine Learning","versions":[{"version":"3.0.0","lessThan":"1.7.6","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T10:13:09.603213Z","id":"CVE-2026-33833","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:azure_machine_learning:3.0.0:*:*:*:*:*:*:*","matchCriteriaId":"8208262E-7D89-40D2-8F27-6F029906FC43"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33833","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-40370","sourceIdentifier":"secure@microsoft.com","published":"2026-05-12T18:17:16.147","lastModified":"2026-06-18T17:23:30.523","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"External control of file name or path in SQL Server allows an authorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft SQL Server 2016 Service Pack 3 (GDR)","platforms":["x64-based Systems"],"versions":[{"version":"13.0.0","lessThan":"13.0.6490.1","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack","platforms":["x64-based Systems"],"versions":[{"version":"13.0.0","lessThan":"13.0.7085.1","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SQL Server 2017 (CU 31)","platforms":["x64-based Systems"],"versions":[{"version":"14.0.0","lessThan":"14.0.3530.2","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SQL Server 2017 (GDR)","platforms":["x64-based Systems"],"versions":[{"version":"14.0.0","lessThan":"14.0.2110.2","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SQL Server 2019 (CU 32)","platforms":["x64-based Systems"],"versions":[{"version":"15.0.0.0","lessThan":"15.0.4470.1","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SQL Server 2019 (GDR)","platforms":["x64-based Systems"],"versions":[{"version":"15.0.0","lessThan":"15.0.2170.1","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SQL Server 2022 (GDR)","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.1180.1","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SQL Server 2022 for x64-based Systems (CU 24)","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0.0","lessThan":"16.0.4252.3","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SQL Server 2025 (CU 4)","versions":[{"version":"17.0.4040.1","lessThan":"17.0.4040.1","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SQL Server 2025 for x64-based Systems (GDR)","platforms":["x64-based Systems"],"versions":[{"version":"17.0.1050.2","lessThan":"17.0.1115.1","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T03:57:25.195979Z","id":"CVE-2026-40370","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-73"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-610"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:x64:*","versionStartIncluding":"13.0.6300.2","versionEndExcluding":"13.0.6490.1","matchCriteriaId":"07504D93-CA3C-49EA-A19E-9FF6E39DA2C2"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:x64:*","versionStartIncluding":"13.0.7000.253","versionEndExcluding":"13.0.7085.1","matchCriteriaId":"8788D53F-C70A-4445-A091-0E6F3B3580C2"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:x64:*","versionStartIncluding":"14.0.1000.169","versionEndExcluding":"14.0.2110.2","matchCriteriaId":"C57CAA5C-DBA1-4D67-AAE0-C6A140817060"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:x64:*","versionStartIncluding":"14.0.3006.16","versionEndExcluding":"14.0.3530.2","matchCriteriaId":"4665DEEC-676A-4569-A186-0CBEC807DB2F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*","versionStartIncluding":"15.0.2000.5","versionEndExcluding":"15.0.2170.1","matchCriteriaId":"AA2CF0C9-AC74-4170-A3DA-6DBD6B191EE6"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*","versionStartIncluding":"15.0.4003.23","versionEndExcluding":"15.0.4470.1","matchCriteriaId":"8ABD3289-C541-4C60-9F0C-51414D05CCCD"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*","versionStartIncluding":"16.0.1000.6","versionEndExcluding":"16.0.1180.1","matchCriteriaId":"34EB59C6-69B7-4EC2-ABAE-0BD7C8AF0220"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*","versionStartIncluding":"16.0.4003.1","versionEndExcluding":"16.0.4252.3","matchCriteriaId":"AA459F89-6125-4CA4-8376-244CA117BF5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*","versionStartIncluding":"17.0.1000.7","versionEndExcluding":"17.0.1115.1","matchCriteriaId":"3354FA6E-48A1-406B-A2CB-DB9B769C7E1B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*","versionStartIncluding":"17.0.4006.2","versionEndExcluding":"17.0.4040.1","matchCriteriaId":"6440EDCA-2737-425A-9C84-A775C133C581"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40370","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44232","sourceIdentifier":"security-advisories@github.com","published":"2026-05-12T21:16:16.270","lastModified":"2026-06-19T00:16:47.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"DSSRF is a Node.js library that provides a wide range of utilities and advanced SSRF defense checks. Prior to 1.0.3, every IPv6 category bypasses is_url_safe. This vulnerability is fixed in 1.0.3."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"HackingRepo","product":"dssrf-js","versions":[{"version":"< 1.0.3","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-18T14:40:44.104873Z","id":"CVE-2026-44232","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-791"}]}],"references":[{"url":"https://github.com/HackingRepo/dssrf-js/security/advisories/GHSA-8p33-q827-ghj5","source":"security-advisories@github.com"},{"url":"https://github.com/HackingRepo/dssrf-js/security/advisories/GHSA-8p33-q827-ghj5","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-42919","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:49.263","lastModified":"2026-06-18T13:54:35.873","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability exists in BIG-IP systems that may allow an authenticated attacker with administrative access to escalate their privileges. A successful exploit may allow the attacker to cross a security boundary.\n\n Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["All Modules"],"versions":[{"version":"21.1.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"21.0.0","lessThan":"21.0.0.1","versionType":"custom","status":"affected"},{"version":"17.5.0","lessThan":"17.5.1.4","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.1","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T00:00:00+00:00","id":"CVE-2026-42919","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"84ACD36F-E97D-4DDA-A8FD-D911095C1035"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BD71EC53-8ABC-410F-B031-0B3288D2E8DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"1E446AEE-1CB7-411C-9549-0E12C2EBBF9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AFDDB2A2-3B00-4454-A5BA-F181972B8B70"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D186FF46-E0B0-4B54-9EA9-87AD379FA600"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"4AFFB39F-3E07-4316-9DD6-C36407B09C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"06CB53ED-B0CF-45D0-BF6B-C07C2B5AD3DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"A6E75F5E-8C80-4287-84BF-6676B1029AA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F330E98-E773-4D93-855D-1D82644B3F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"26D5B297-AAD7-4DF5-9C24-E9550DF2793A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"59042348-3748-48E0-B78B-D978C6B241B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"5082DEBB-5C7F-41A2-B48F-0C72C3A6782B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"B010CF79-60CD-4B4C-BDCA-61FBD59397B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"39AA59D4-6DE8-4ABA-9EEB-840755CA76A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"6C89D1A8-D453-4A12-97EA-6642F98FDA27"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83FBED4E-1977-45EF-8D33-4A24D81BFE7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"54BB0364-2EFA-442B-9DB2-3A49677D965C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F64237A9-9AF0-4D01-958F-753862C33ABF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2727CEE5-75FD-4345-88C1-3ED60AAF7DE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartExcluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"448BBDCD-AD12-4DBB-8CED-46594177260D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"EA180633-8625-4F8E-90E2-235BCD334256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"66DDBE6D-423A-4F60-9D06-0E10CB93FB66"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"35FF40AC-3A3E-4B4B-83F4-BB6048FEBB72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E0B21289-FB5C-47FA-B054-50341236260D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"C83BE4EC-8775-4FF4-B362-9E6EBDD53A04"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C7F7C488-8C01-4EE7-A244-259237F06668"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"556AEFC8-8D4C-4E5A-9051-77424FAAC9D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E649795C-1B70-411B-B744-E0728109474D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"93597117-087D-4AAC-884F-8E1400D645FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"131D329E-0351-402B-BC67-698DC1C9A83E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F95824A-E1F8-412E-B59D-8278AE3CB571"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C8EF0B1D-AE26-4283-8D84-5CECB245652F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4996DCE3-8F39-4917-96A0-2C44C900DEE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AA1487CA-A5F3-4689-9458-7309C2E17C9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"48DBF1EA-4DFD-402F-81BC-430B7D74C5FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"7F234CDF-C413-4E70-9A97-6467ADB33EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"BA32DFFC-6412-4BA9-9382-5E307539AF4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BCBD1B79-3FC1-4288-BEF8-E5D60DA939A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D25B01D7-F665-47EE-9185-40581A6C3DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83AD64DE-7D0B-4380-89E0-A06817B21606"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4AE71FB5-6842-4822-9CA4-1427BC9187BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F1516CC2-94CA-4FB2-AC5A-6CFB0580980C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F10F963B-348A-4819-9109-EF0F2304CCDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"003B47C5-A8E3-4ECD-B0E1-6FD3BCC6C00A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"CCCB38CF-FCDA-4E62-8BEA-70DE61D617B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B1489ACC-1DCF-4107-A7A5-12E675B522F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B63EC396-5C6D-4F2B-AA4B-48C19A2DEF40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E8F401DC-AEE8-4DA1-8D54-51086557F0CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EB3D5211-78EA-479C-A468-F3DD867DA377"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4BF32E2A-2837-4F02-98D4-EC8D4AD7629A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"7918553F-3A00-4F1F-8007-40C440D30EDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"63F0B2DD-6D9C-4A4E-AB9A-E417D0BA9725"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"961FD6A4-3969-4A7B-B154-71AB91102EDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0EA3A0ED-753C-4909-8EDC-294AF6873791"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B22E4040-EC36-44B7-AE6F-D8A5B982350F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"90819202-D6CE-4742-957E-32653AD75AB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5E4DCF86-3120-4D11-8233-9E41BF6F1577"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C3978168-BE6E-41DB-92A2-99843137BBFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2BBB888F-2AAF-4F90-82F7-12A79A5D9EC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EA18854A-929E-4D5E-B2EC-9AC31A5694C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"AB4EFA9A-FBB9-437C-9789-7C4EB489DD59"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"900D8242-3139-443E-98A3-30A7D9A0CA42"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4DF82E2E-B438-4205-8A58-802A1F22EB3E"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"BD3A2286-B181-47DA-BCB3-A9D0E0B357AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"004CBB88-E617-4A0A-BE42-E1E6BB52D736"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"920FA89D-E154-4936-B88E-8B60D5B39B40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"94ADD021-8229-4CDE-AE73-33FB1BD4A3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"216A1ED3-D0CD-4A08-B9E8-A5B54942E831"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CA7B9727-7694-4D1B-8B48-175196544050"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5481F477-166F-4321-80A0-539095C6B829"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5462B02C-4414-4B14-A671-D8993BD9511D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4A6B33EA-BD41-45A1-801F-BF2439E4F501"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"972BEB00-AAC3-42F7-BB45-881E1A3D1131"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"226B7285-7977-4BBC-947E-E9541E1AAB89"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4962EDD5-384F-4ABC-8696-8C4AACEE19BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CE7A5976-AAA0-4FF1-ADAC-4547F24765FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5728B748-0795-4056-91E8-B3A0DB3A3081"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"C453B7CE-FBA6-46E7-975D-61D7A18773F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"EC77DFC2-A3DC-46E6-9419-0ABA84CD275E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"25701935-02F5-4BD8-95F0-6693C6606558"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"AC71E265-C7B7-4A78-B73A-32B5FECE5D36"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B029869-31AB-4FE2-846E-FC6F7133ADF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"2760AEE2-DCA4-4ED8-92DE-F409EED1A7D9"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000158971","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42920","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:49.390","lastModified":"2026-06-18T13:54:22.423","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.\n Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["All Modules"],"versions":[{"version":"21.1.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"21.0.0","lessThan":"21.0.0.1","versionType":"custom","status":"affected"},{"version":"17.5.0","lessThan":"17.5.1.4","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.1","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T16:01:34.873735Z","id":"CVE-2026-42920","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-835"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F10F963B-348A-4819-9109-EF0F2304CCDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"003B47C5-A8E3-4ECD-B0E1-6FD3BCC6C00A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"CCCB38CF-FCDA-4E62-8BEA-70DE61D617B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B1489ACC-1DCF-4107-A7A5-12E675B522F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B63EC396-5C6D-4F2B-AA4B-48C19A2DEF40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E8F401DC-AEE8-4DA1-8D54-51086557F0CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EB3D5211-78EA-479C-A468-F3DD867DA377"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4BF32E2A-2837-4F02-98D4-EC8D4AD7629A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"7918553F-3A00-4F1F-8007-40C440D30EDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"63F0B2DD-6D9C-4A4E-AB9A-E417D0BA9725"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"961FD6A4-3969-4A7B-B154-71AB91102EDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0EA3A0ED-753C-4909-8EDC-294AF6873791"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B22E4040-EC36-44B7-AE6F-D8A5B982350F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"90819202-D6CE-4742-957E-32653AD75AB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5E4DCF86-3120-4D11-8233-9E41BF6F1577"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C3978168-BE6E-41DB-92A2-99843137BBFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2BBB888F-2AAF-4F90-82F7-12A79A5D9EC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EA18854A-929E-4D5E-B2EC-9AC31A5694C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"AB4EFA9A-FBB9-437C-9789-7C4EB489DD59"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"900D8242-3139-443E-98A3-30A7D9A0CA42"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4DF82E2E-B438-4205-8A58-802A1F22EB3E"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"84ACD36F-E97D-4DDA-A8FD-D911095C1035"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BD71EC53-8ABC-410F-B031-0B3288D2E8DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"1E446AEE-1CB7-411C-9549-0E12C2EBBF9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AFDDB2A2-3B00-4454-A5BA-F181972B8B70"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D186FF46-E0B0-4B54-9EA9-87AD379FA600"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"4AFFB39F-3E07-4316-9DD6-C36407B09C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"06CB53ED-B0CF-45D0-BF6B-C07C2B5AD3DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"A6E75F5E-8C80-4287-84BF-6676B1029AA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F330E98-E773-4D93-855D-1D82644B3F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"26D5B297-AAD7-4DF5-9C24-E9550DF2793A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"59042348-3748-48E0-B78B-D978C6B241B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"5082DEBB-5C7F-41A2-B48F-0C72C3A6782B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"B010CF79-60CD-4B4C-BDCA-61FBD59397B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"39AA59D4-6DE8-4ABA-9EEB-840755CA76A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"6C89D1A8-D453-4A12-97EA-6642F98FDA27"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83FBED4E-1977-45EF-8D33-4A24D81BFE7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"54BB0364-2EFA-442B-9DB2-3A49677D965C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F64237A9-9AF0-4D01-958F-753862C33ABF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2727CEE5-75FD-4345-88C1-3ED60AAF7DE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"205B3D36-A3D8-4859-A3C4-2FA432B4A162"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"EA180633-8625-4F8E-90E2-235BCD334256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"66DDBE6D-423A-4F60-9D06-0E10CB93FB66"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"35FF40AC-3A3E-4B4B-83F4-BB6048FEBB72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E0B21289-FB5C-47FA-B054-50341236260D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"C83BE4EC-8775-4FF4-B362-9E6EBDD53A04"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C7F7C488-8C01-4EE7-A244-259237F06668"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"556AEFC8-8D4C-4E5A-9051-77424FAAC9D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E649795C-1B70-411B-B744-E0728109474D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"93597117-087D-4AAC-884F-8E1400D645FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"131D329E-0351-402B-BC67-698DC1C9A83E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F95824A-E1F8-412E-B59D-8278AE3CB571"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C8EF0B1D-AE26-4283-8D84-5CECB245652F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4996DCE3-8F39-4917-96A0-2C44C900DEE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AA1487CA-A5F3-4689-9458-7309C2E17C9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"48DBF1EA-4DFD-402F-81BC-430B7D74C5FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"7F234CDF-C413-4E70-9A97-6467ADB33EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"BA32DFFC-6412-4BA9-9382-5E307539AF4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BCBD1B79-3FC1-4288-BEF8-E5D60DA939A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D25B01D7-F665-47EE-9185-40581A6C3DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83AD64DE-7D0B-4380-89E0-A06817B21606"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4AE71FB5-6842-4822-9CA4-1427BC9187BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F1516CC2-94CA-4FB2-AC5A-6CFB0580980C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"BD3A2286-B181-47DA-BCB3-A9D0E0B357AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"004CBB88-E617-4A0A-BE42-E1E6BB52D736"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"920FA89D-E154-4936-B88E-8B60D5B39B40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"94ADD021-8229-4CDE-AE73-33FB1BD4A3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"216A1ED3-D0CD-4A08-B9E8-A5B54942E831"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CA7B9727-7694-4D1B-8B48-175196544050"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5481F477-166F-4321-80A0-539095C6B829"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5462B02C-4414-4B14-A671-D8993BD9511D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4A6B33EA-BD41-45A1-801F-BF2439E4F501"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"972BEB00-AAC3-42F7-BB45-881E1A3D1131"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"226B7285-7977-4BBC-947E-E9541E1AAB89"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4962EDD5-384F-4ABC-8696-8C4AACEE19BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CE7A5976-AAA0-4FF1-ADAC-4547F24765FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5728B748-0795-4056-91E8-B3A0DB3A3081"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"C453B7CE-FBA6-46E7-975D-61D7A18773F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"EC77DFC2-A3DC-46E6-9419-0ABA84CD275E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"25701935-02F5-4BD8-95F0-6693C6606558"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"AC71E265-C7B7-4A78-B73A-32B5FECE5D36"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B029869-31AB-4FE2-846E-FC6F7133ADF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"2760AEE2-DCA4-4ED8-92DE-F409EED1A7D9"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000160901","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42924","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:49.517","lastModified":"2026-06-18T13:55:02.443","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An authenticated attacker with the Resource Administrator or Administrator role can create SNMP configuration objects through iControl SOAP resulting in privilege escalation.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["All Modules"],"versions":[{"version":"21.1.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"21.0.0","lessThan":"21.0.0.1","versionType":"custom","status":"affected"},{"version":"17.5.0","lessThan":"17.5.1.4","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.1","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T00:00:00+00:00","id":"CVE-2026-42924","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F10F963B-348A-4819-9109-EF0F2304CCDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"003B47C5-A8E3-4ECD-B0E1-6FD3BCC6C00A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"CCCB38CF-FCDA-4E62-8BEA-70DE61D617B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B1489ACC-1DCF-4107-A7A5-12E675B522F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B63EC396-5C6D-4F2B-AA4B-48C19A2DEF40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E8F401DC-AEE8-4DA1-8D54-51086557F0CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EB3D5211-78EA-479C-A468-F3DD867DA377"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4BF32E2A-2837-4F02-98D4-EC8D4AD7629A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"7918553F-3A00-4F1F-8007-40C440D30EDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"63F0B2DD-6D9C-4A4E-AB9A-E417D0BA9725"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"961FD6A4-3969-4A7B-B154-71AB91102EDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0EA3A0ED-753C-4909-8EDC-294AF6873791"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B22E4040-EC36-44B7-AE6F-D8A5B982350F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"90819202-D6CE-4742-957E-32653AD75AB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5E4DCF86-3120-4D11-8233-9E41BF6F1577"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C3978168-BE6E-41DB-92A2-99843137BBFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2BBB888F-2AAF-4F90-82F7-12A79A5D9EC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EA18854A-929E-4D5E-B2EC-9AC31A5694C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"AB4EFA9A-FBB9-437C-9789-7C4EB489DD59"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"900D8242-3139-443E-98A3-30A7D9A0CA42"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4DF82E2E-B438-4205-8A58-802A1F22EB3E"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"84ACD36F-E97D-4DDA-A8FD-D911095C1035"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BD71EC53-8ABC-410F-B031-0B3288D2E8DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"1E446AEE-1CB7-411C-9549-0E12C2EBBF9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AFDDB2A2-3B00-4454-A5BA-F181972B8B70"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D186FF46-E0B0-4B54-9EA9-87AD379FA600"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"4AFFB39F-3E07-4316-9DD6-C36407B09C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"06CB53ED-B0CF-45D0-BF6B-C07C2B5AD3DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"A6E75F5E-8C80-4287-84BF-6676B1029AA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F330E98-E773-4D93-855D-1D82644B3F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"26D5B297-AAD7-4DF5-9C24-E9550DF2793A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"59042348-3748-48E0-B78B-D978C6B241B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"5082DEBB-5C7F-41A2-B48F-0C72C3A6782B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"B010CF79-60CD-4B4C-BDCA-61FBD59397B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"39AA59D4-6DE8-4ABA-9EEB-840755CA76A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"6C89D1A8-D453-4A12-97EA-6642F98FDA27"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83FBED4E-1977-45EF-8D33-4A24D81BFE7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"54BB0364-2EFA-442B-9DB2-3A49677D965C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F64237A9-9AF0-4D01-958F-753862C33ABF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2727CEE5-75FD-4345-88C1-3ED60AAF7DE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"205B3D36-A3D8-4859-A3C4-2FA432B4A162"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"EA180633-8625-4F8E-90E2-235BCD334256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"66DDBE6D-423A-4F60-9D06-0E10CB93FB66"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"35FF40AC-3A3E-4B4B-83F4-BB6048FEBB72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E0B21289-FB5C-47FA-B054-50341236260D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"C83BE4EC-8775-4FF4-B362-9E6EBDD53A04"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C7F7C488-8C01-4EE7-A244-259237F06668"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"556AEFC8-8D4C-4E5A-9051-77424FAAC9D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E649795C-1B70-411B-B744-E0728109474D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"93597117-087D-4AAC-884F-8E1400D645FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"131D329E-0351-402B-BC67-698DC1C9A83E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F95824A-E1F8-412E-B59D-8278AE3CB571"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C8EF0B1D-AE26-4283-8D84-5CECB245652F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4996DCE3-8F39-4917-96A0-2C44C900DEE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AA1487CA-A5F3-4689-9458-7309C2E17C9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"48DBF1EA-4DFD-402F-81BC-430B7D74C5FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"7F234CDF-C413-4E70-9A97-6467ADB33EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"BA32DFFC-6412-4BA9-9382-5E307539AF4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BCBD1B79-3FC1-4288-BEF8-E5D60DA939A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D25B01D7-F665-47EE-9185-40581A6C3DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83AD64DE-7D0B-4380-89E0-A06817B21606"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4AE71FB5-6842-4822-9CA4-1427BC9187BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F1516CC2-94CA-4FB2-AC5A-6CFB0580980C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"BD3A2286-B181-47DA-BCB3-A9D0E0B357AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"004CBB88-E617-4A0A-BE42-E1E6BB52D736"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"920FA89D-E154-4936-B88E-8B60D5B39B40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"94ADD021-8229-4CDE-AE73-33FB1BD4A3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"216A1ED3-D0CD-4A08-B9E8-A5B54942E831"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CA7B9727-7694-4D1B-8B48-175196544050"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5481F477-166F-4321-80A0-539095C6B829"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5462B02C-4414-4B14-A671-D8993BD9511D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4A6B33EA-BD41-45A1-801F-BF2439E4F501"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"972BEB00-AAC3-42F7-BB45-881E1A3D1131"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"226B7285-7977-4BBC-947E-E9541E1AAB89"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4962EDD5-384F-4ABC-8696-8C4AACEE19BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CE7A5976-AAA0-4FF1-ADAC-4547F24765FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5728B748-0795-4056-91E8-B3A0DB3A3081"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"C453B7CE-FBA6-46E7-975D-61D7A18773F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"EC77DFC2-A3DC-46E6-9419-0ABA84CD275E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"25701935-02F5-4BD8-95F0-6693C6606558"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"AC71E265-C7B7-4A78-B73A-32B5FECE5D36"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B029869-31AB-4FE2-846E-FC6F7133ADF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"2760AEE2-DCA4-4ED8-92DE-F409EED1A7D9"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000160926","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42926","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:49.640","lastModified":"2026-06-18T13:37:05.800","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When NGINX Open Source is configured to proxy HTTP/2 traffic by setting proxy_http_version to 2, and also uses proxy_set_body, an attacker may be able to inject frame headers and payload bytes to the upstream peer.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"NGINX Open Source","defaultStatus":"unaffected","modules":["ngx_http_proxy_v2_module"],"versions":[{"version":"1.31.0","lessThan":"*","versionType":"semver","status":"unaffected"},{"version":"1.29.4","lessThan":"1.30.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T15:54:52.773305Z","id":"CVE-2026-42926","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-172"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_gateway_fabric:*:*:*:*:*:*:*:*","versionStartIncluding":"1.3.0","versionEndIncluding":"1.6.2","matchCriteriaId":"15B7F1FD-0C49-460F-9CB8-23DA730EC4BE"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*","versionStartIncluding":"1.29.4","versionEndIncluding":"1.30.0","matchCriteriaId":"B99F7F00-2660-4609-A231-8F7E53A105A0"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_gateway_fabric:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndIncluding":"2.6.0","matchCriteriaId":"0A6AA23F-A7A1-43DE-AD67-0EB1249143A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_instance_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"2.16.0","versionEndIncluding":"2.22.0","matchCriteriaId":"CBC31553-99DE-4155-A8E5-13A84FCCB610"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"3.5.0","versionEndIncluding":"3.7.2","matchCriteriaId":"10D5B143-4C1E-4626-8B49-3EA7160E9256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndIncluding":"4.0.1","matchCriteriaId":"73A1CDBB-49F6-4AB6-AA67-542FD8017D6A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndIncluding":"5.4.2","matchCriteriaId":"607EEFA3-BE2A-4660-8C67-E6FC9799325F"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000161131","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42930","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:49.777","lastModified":"2026-06-18T14:10:58.560","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"When running in Appliance mode, an authenticated attacker assigned the 'Administrator' role may be able to bypass Appliance mode restrictions on a BIG-IP system.\n\n Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["All Modules"],"versions":[{"version":"21.1.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"21.0.0","lessThan":"21.0.0.2","versionType":"custom","status":"affected"},{"version":"17.5.0","lessThan":"17.5.1.6","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.2","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T00:00:00+00:00","id":"CVE-2026-42930","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-35"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F10F963B-348A-4819-9109-EF0F2304CCDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"003B47C5-A8E3-4ECD-B0E1-6FD3BCC6C00A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"CCCB38CF-FCDA-4E62-8BEA-70DE61D617B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B1489ACC-1DCF-4107-A7A5-12E675B522F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B63EC396-5C6D-4F2B-AA4B-48C19A2DEF40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E8F401DC-AEE8-4DA1-8D54-51086557F0CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EB3D5211-78EA-479C-A468-F3DD867DA377"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4BF32E2A-2837-4F02-98D4-EC8D4AD7629A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"7918553F-3A00-4F1F-8007-40C440D30EDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"63F0B2DD-6D9C-4A4E-AB9A-E417D0BA9725"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"961FD6A4-3969-4A7B-B154-71AB91102EDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0EA3A0ED-753C-4909-8EDC-294AF6873791"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B22E4040-EC36-44B7-AE6F-D8A5B982350F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"90819202-D6CE-4742-957E-32653AD75AB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5E4DCF86-3120-4D11-8233-9E41BF6F1577"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C3978168-BE6E-41DB-92A2-99843137BBFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2BBB888F-2AAF-4F90-82F7-12A79A5D9EC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EA18854A-929E-4D5E-B2EC-9AC31A5694C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"AB4EFA9A-FBB9-437C-9789-7C4EB489DD59"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"900D8242-3139-443E-98A3-30A7D9A0CA42"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4DF82E2E-B438-4205-8A58-802A1F22EB3E"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"84ACD36F-E97D-4DDA-A8FD-D911095C1035"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BD71EC53-8ABC-410F-B031-0B3288D2E8DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"1E446AEE-1CB7-411C-9549-0E12C2EBBF9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AFDDB2A2-3B00-4454-A5BA-F181972B8B70"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D186FF46-E0B0-4B54-9EA9-87AD379FA600"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"4AFFB39F-3E07-4316-9DD6-C36407B09C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"06CB53ED-B0CF-45D0-BF6B-C07C2B5AD3DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"A6E75F5E-8C80-4287-84BF-6676B1029AA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F330E98-E773-4D93-855D-1D82644B3F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"26D5B297-AAD7-4DF5-9C24-E9550DF2793A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"59042348-3748-48E0-B78B-D978C6B241B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"5082DEBB-5C7F-41A2-B48F-0C72C3A6782B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"B010CF79-60CD-4B4C-BDCA-61FBD59397B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"39AA59D4-6DE8-4ABA-9EEB-840755CA76A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"6C89D1A8-D453-4A12-97EA-6642F98FDA27"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83FBED4E-1977-45EF-8D33-4A24D81BFE7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"54BB0364-2EFA-442B-9DB2-3A49677D965C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F64237A9-9AF0-4D01-958F-753862C33ABF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2727CEE5-75FD-4345-88C1-3ED60AAF7DE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"205B3D36-A3D8-4859-A3C4-2FA432B4A162"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"EA180633-8625-4F8E-90E2-235BCD334256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"66DDBE6D-423A-4F60-9D06-0E10CB93FB66"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"35FF40AC-3A3E-4B4B-83F4-BB6048FEBB72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E0B21289-FB5C-47FA-B054-50341236260D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"C83BE4EC-8775-4FF4-B362-9E6EBDD53A04"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C7F7C488-8C01-4EE7-A244-259237F06668"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"556AEFC8-8D4C-4E5A-9051-77424FAAC9D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E649795C-1B70-411B-B744-E0728109474D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"93597117-087D-4AAC-884F-8E1400D645FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"131D329E-0351-402B-BC67-698DC1C9A83E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F95824A-E1F8-412E-B59D-8278AE3CB571"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C8EF0B1D-AE26-4283-8D84-5CECB245652F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4996DCE3-8F39-4917-96A0-2C44C900DEE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AA1487CA-A5F3-4689-9458-7309C2E17C9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"48DBF1EA-4DFD-402F-81BC-430B7D74C5FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"7F234CDF-C413-4E70-9A97-6467ADB33EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"BA32DFFC-6412-4BA9-9382-5E307539AF4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BCBD1B79-3FC1-4288-BEF8-E5D60DA939A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D25B01D7-F665-47EE-9185-40581A6C3DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83AD64DE-7D0B-4380-89E0-A06817B21606"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4AE71FB5-6842-4822-9CA4-1427BC9187BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F1516CC2-94CA-4FB2-AC5A-6CFB0580980C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"BD3A2286-B181-47DA-BCB3-A9D0E0B357AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"004CBB88-E617-4A0A-BE42-E1E6BB52D736"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"920FA89D-E154-4936-B88E-8B60D5B39B40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"94ADD021-8229-4CDE-AE73-33FB1BD4A3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"216A1ED3-D0CD-4A08-B9E8-A5B54942E831"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CA7B9727-7694-4D1B-8B48-175196544050"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5481F477-166F-4321-80A0-539095C6B829"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5462B02C-4414-4B14-A671-D8993BD9511D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4A6B33EA-BD41-45A1-801F-BF2439E4F501"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"972BEB00-AAC3-42F7-BB45-881E1A3D1131"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"226B7285-7977-4BBC-947E-E9541E1AAB89"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4962EDD5-384F-4ABC-8696-8C4AACEE19BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CE7A5976-AAA0-4FF1-ADAC-4547F24765FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5728B748-0795-4056-91E8-B3A0DB3A3081"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"C453B7CE-FBA6-46E7-975D-61D7A18773F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"EC77DFC2-A3DC-46E6-9419-0ABA84CD275E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"25701935-02F5-4BD8-95F0-6693C6606558"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"AC71E265-C7B7-4A78-B73A-32B5FECE5D36"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B029869-31AB-4FE2-846E-FC6F7133ADF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"2760AEE2-DCA4-4ED8-92DE-F409EED1A7D9"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000160876","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42934","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:49.910","lastModified":"2026-06-18T14:07:22.880","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_charset_module module. When charset, source_charset, and charset_map and proxy_pass with disabled buffering (\"off\") directives are configured, unauthenticated attackers can send requests that with conditions beyond the attackers' control to cause a heap buffer over-read in the NGINX worker process, leading to limited disclosure of memory or a restart.\n\n\n\n Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"NGINX Plus","defaultStatus":"unknown","modules":["ngx_http_charset_module"],"versions":[{"version":"R37","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"R36","lessThan":"R36 P4","versionType":"custom","status":"affected"},{"version":"R32","lessThan":"R32 P6","versionType":"custom","status":"affected"}]},{"vendor":"F5","product":"NGINX Open Source","defaultStatus":"unaffected","modules":["ngx_http_charset_module"],"versions":[{"version":"1.31.0","lessThan":"*","versionType":"semver","status":"unaffected"},{"version":"0.3.50","lessThan":"1.30.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T15:55:18.483975Z","id":"CVE-2026-42934","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:dos:*:*:*:*:*:nginx:*:*","versionStartIncluding":"4.3.0","versionEndIncluding":"4.7.0","matchCriteriaId":"0772572C-26F9-4FA4-B9E6-BA40ED59F569"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:dos:4.8.0:*:*:*:*:nginx:*:*","matchCriteriaId":"C45452BD-7A86-48E7-8E1D-1B340FF70B3B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_gateway_fabric:*:*:*:*:*:*:*:*","versionStartIncluding":"1.3.0","versionEndIncluding":"1.6.2","matchCriteriaId":"15B7F1FD-0C49-460F-9CB8-23DA730EC4BE"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_gateway_fabric:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndIncluding":"2.6.0","matchCriteriaId":"0A6AA23F-A7A1-43DE-AD67-0EB1249143A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"3.5.0","versionEndIncluding":"3.7.2","matchCriteriaId":"10D5B143-4C1E-4626-8B49-3EA7160E9256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndIncluding":"4.0.1","matchCriteriaId":"73A1CDBB-49F6-4AB6-AA67-542FD8017D6A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndIncluding":"5.4.2","matchCriteriaId":"607EEFA3-BE2A-4660-8C67-E6FC9799325F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_instance_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"2.16.0","versionEndIncluding":"2.22.0","matchCriteriaId":"CBC31553-99DE-4155-A8E5-13A84FCCB610"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*","versionStartIncluding":"0.3.50","versionEndIncluding":"0.9.7","matchCriteriaId":"BB2E27C7-2CF6-4EBD-8D5B-62AC1FAF2A82"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*","versionStartIncluding":"1.0.0","versionEndIncluding":"1.30.0","matchCriteriaId":"BC94D0FA-F4AE-4178-AE9A-8CB645E3DF7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:*:*:*:*:*:*:*:*","versionStartIncluding":"r32","versionEndIncluding":"r36","matchCriteriaId":"0B153576-468F-48C2-9BC8-922A938AB235"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:waf:*:*:*:*:*:nginx:*:*","versionStartIncluding":"4.9.0","versionEndIncluding":"4.16.0","matchCriteriaId":"F365BA5A-42D7-4024-9143-06D4DEE31212"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:waf:*:*:*:*:*:nginx:*:*","versionStartIncluding":"5.1.0","versionEndIncluding":"5.8.0","matchCriteriaId":"8D720985-9119-480E-929A-7D9D5C083628"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:waf:*:*:*:*:*:nginx:*:*","versionStartIncluding":"5.9.0","versionEndIncluding":"5.12.1","matchCriteriaId":"DE69C522-7FCB-4452-8E33-FCC72D36BF94"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000161028","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42946","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:50.340","lastModified":"2026-06-18T14:12:00.637","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability exists in the ngx_http_scgi_module and ngx_http_uwsgi_module modules that may result in excessive memory allocation or an over-read of data. When scgi_pass or uwsgi_pass is configured, an unauthenticated attacker with man-in-the-middle (MITM) ability to control responses from an upstream server may be able to read the memory of the NGINX worker process or restart it.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"NGINX Plus","defaultStatus":"unknown","modules":["ngx_http_scgi_module and ngx_http_uwsgi_module"],"versions":[{"version":"R37","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"R36","lessThan":"R36 P4","versionType":"custom","status":"affected"},{"version":"R32","lessThan":"R32 P6","versionType":"custom","status":"affected"}]},{"vendor":"F5","product":"NGINX Open Source","defaultStatus":"unaffected","modules":["ngx_http_scgi_module and ngx_http_uwsgi_module"],"versions":[{"version":"1.31.0","lessThan":"*","versionType":"semver","status":"unaffected"},{"version":"0.8.42","lessThan":"1.30.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T15:55:04.864917Z","id":"CVE-2026-42946","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-789"},{"lang":"en","value":"CWE-823"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:dos:*:*:*:*:*:nginx:*:*","versionStartIncluding":"4.3.0","versionEndIncluding":"4.7.0","matchCriteriaId":"0772572C-26F9-4FA4-B9E6-BA40ED59F569"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:dos:4.8.0:*:*:*:*:nginx:*:*","matchCriteriaId":"C45452BD-7A86-48E7-8E1D-1B340FF70B3B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_gateway_fabric:*:*:*:*:*:*:*:*","versionStartIncluding":"1.3.0","versionEndIncluding":"1.6.2","matchCriteriaId":"15B7F1FD-0C49-460F-9CB8-23DA730EC4BE"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_gateway_fabric:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndIncluding":"2.6.0","matchCriteriaId":"0A6AA23F-A7A1-43DE-AD67-0EB1249143A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"3.5.0","versionEndIncluding":"3.7.2","matchCriteriaId":"10D5B143-4C1E-4626-8B49-3EA7160E9256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndIncluding":"4.0.1","matchCriteriaId":"73A1CDBB-49F6-4AB6-AA67-542FD8017D6A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndIncluding":"5.4.2","matchCriteriaId":"607EEFA3-BE2A-4660-8C67-E6FC9799325F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_instance_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"2.16.0","versionEndIncluding":"2.22.0","matchCriteriaId":"CBC31553-99DE-4155-A8E5-13A84FCCB610"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*","versionStartIncluding":"0.8.42","versionEndIncluding":"0.9.7","matchCriteriaId":"C28A19F7-DD00-4D55-982F-15C15A9C0128"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*","versionStartIncluding":"1.0.0","versionEndIncluding":"1.30.0","matchCriteriaId":"BC94D0FA-F4AE-4178-AE9A-8CB645E3DF7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:*:*:*:*:*:*:*:*","versionStartIncluding":"r32","versionEndIncluding":"r36","matchCriteriaId":"0B153576-468F-48C2-9BC8-922A938AB235"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:waf:*:*:*:*:*:nginx:*:*","versionStartIncluding":"4.9.0","versionEndIncluding":"4.16.0","matchCriteriaId":"F365BA5A-42D7-4024-9143-06D4DEE31212"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:waf:*:*:*:*:*:nginx:*:*","versionStartIncluding":"5.1.0","versionEndIncluding":"5.8.0","matchCriteriaId":"8D720985-9119-480E-929A-7D9D5C083628"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:waf:*:*:*:*:*:nginx:*:*","versionStartIncluding":"5.9.0","versionEndIncluding":"5.12.1","matchCriteriaId":"DE69C522-7FCB-4452-8E33-FCC72D36BF94"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000161027","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45675","sourceIdentifier":"security-advisories@github.com","published":"2026-05-15T20:16:49.220","lastModified":"2026-06-18T22:16:31.463","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the LDAP and OAuth authentication flows use a TOCTOU (Time-of-Check-Time-of-Use) pattern for first-user admin role assignment. The regular signup handler (signup_handler in auths.py, line 663) was explicitly patched to prevent this race with the comment \"Insert with default role first to avoid TOCTOU race\", but the LDAP and OAuth code paths were never updated with the same fix. This vulnerability is fixed in 0.9.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"open-webui","product":"open-webui","versions":[{"version":"< 0.9.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-19T03:55:45.762046Z","id":"CVE-2026-45675","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-362"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openwebui:open_webui:*:*:*:*:*:*:*:*","versionEndExcluding":"0.9.0","matchCriteriaId":"0FB90EC3-1665-446E-AA35-4AEC207A2F3B"}]}]}],"references":[{"url":"https://github.com/open-webui/open-webui/commit/96a0b3239b1aadb23fc359bf10849c9ba12fd6ec","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/open-webui/open-webui/pull/23626","source":"security-advisories@github.com","tags":["Issue Tracking"]},{"url":"https://github.com/open-webui/open-webui/security/advisories/GHSA-h3ww-q6xx-w7x3","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-2253","sourceIdentifier":"security.vulnerabilities@hitachivantara.com","published":"2026-05-27T04:16:26.417","lastModified":"2026-06-18T17:04:29.760","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.7 and 11.0.0.0, including 9.3.x and 8.3.x, does not prevent certain XML parsers from resolving external entities."}],"affected":[{"source":"security.vulnerabilities@hitachivantara.com","affectedData":[{"vendor":"Hitachi Vantara","product":"Pentaho Data Integration and Analytics","defaultStatus":"unaffected","versions":[{"version":"1.0","lessThan":"10.2.0.7","versionType":"maven","status":"affected"},{"version":"10.0","lessThan":"11.0.0","versionType":"maven","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security.vulnerabilities@hitachivantara.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-27T18:00:51.429151Z","id":"CVE-2026-2253","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security.vulnerabilities@hitachivantara.com","type":"Secondary","description":[{"lang":"en","value":"CWE-611"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hitachi:vantara_pentaho_data_integration_and_analytics:*:*:*:*:*:*:*:*","versionEndExcluding":"10.2.0.7","matchCriteriaId":"50E55F6A-825B-4C80-BA1C-9EF2B058A230"},{"vulnerable":true,"criteria":"cpe:2.3:a:hitachi:vantara_pentaho_data_integration_and_analytics:*:*:*:*:*:*:*:*","versionStartExcluding":"10.2.0.8","versionEndExcluding":"11.0.0.0","matchCriteriaId":"42A22CB8-1987-4AAE-8540-63E534FCEE32"},{"vulnerable":true,"criteria":"cpe:2.3:a:hitachi:vantara_pentaho_data_integration_and_analytics:8.3:-:*:*:*:*:*:*","matchCriteriaId":"CD5C2274-E0A1-4DD3-BAC8-C107C4026D8B"},{"vulnerable":true,"criteria":"cpe:2.3:a:hitachi:vantara_pentaho_data_integration_and_analytics:9.3:-:*:*:*:*:*:*","matchCriteriaId":"8D8EFD76-9B82-47CF-95F7-5117C58706EB"}]}]}],"references":[{"url":"https://support.pentaho.com/hc/en-us/articles/45677548193933--Resolved-Hitachi-Vantara-Pentaho-Data-Integration-Analytics-Improper-Restriction-of-XML-External-Entity-Reference-Versions-before-10-2-0-7-and-11-0-0-0-Impacted-CVE-2026-2253","source":"security.vulnerabilities@hitachivantara.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-2254","sourceIdentifier":"security.vulnerabilities@hitachivantara.com","published":"2026-05-27T04:16:26.693","lastModified":"2026-06-18T17:05:54.147","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.6 and 11.0.0.0, including 9.3.x and 8.3.x, does not apply ACLs on certain API endpoints related to platform mail notfications."}],"affected":[{"source":"security.vulnerabilities@hitachivantara.com","affectedData":[{"vendor":"Hitachi Vantara","product":"Pentaho Data Integration and Analytics","defaultStatus":"unaffected","versions":[{"version":"1.0","lessThan":"10.2.0.6","versionType":"maven","status":"affected"},{"version":"10.0","lessThan":"11.0.0.0","versionType":"maven","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security.vulnerabilities@hitachivantara.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-27T17:59:55.849274Z","id":"CVE-2026-2254","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security.vulnerabilities@hitachivantara.com","type":"Secondary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hitachi:vantara_pentaho_data_integration_and_analytics:*:*:*:*:*:*:*:*","versionEndExcluding":"10.2.0.7","matchCriteriaId":"50E55F6A-825B-4C80-BA1C-9EF2B058A230"},{"vulnerable":true,"criteria":"cpe:2.3:a:hitachi:vantara_pentaho_data_integration_and_analytics:*:*:*:*:*:*:*:*","versionStartExcluding":"10.2.0.8","versionEndExcluding":"11.0.0.0","matchCriteriaId":"42A22CB8-1987-4AAE-8540-63E534FCEE32"},{"vulnerable":true,"criteria":"cpe:2.3:a:hitachi:vantara_pentaho_data_integration_and_analytics:8.3:-:*:*:*:*:*:*","matchCriteriaId":"CD5C2274-E0A1-4DD3-BAC8-C107C4026D8B"},{"vulnerable":true,"criteria":"cpe:2.3:a:hitachi:vantara_pentaho_data_integration_and_analytics:9.3:-:*:*:*:*:*:*","matchCriteriaId":"8D8EFD76-9B82-47CF-95F7-5117C58706EB"}]}]}],"references":[{"url":"https://support.pentaho.com/hc/en-us/articles/45676384909069--Resolved-Hitachi-Vantara-Pentaho-Data-Integration-Analytics-Incorrect-Permission-Assignment-for-Critical-Resource-Versions-before-10-2-0-6-and-11-0-0-0-Impacted-CVE-2026-2254?brand_id=1928686","source":"security.vulnerabilities@hitachivantara.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-2255","sourceIdentifier":"security.vulnerabilities@hitachivantara.com","published":"2026-05-27T04:16:26.833","lastModified":"2026-06-18T17:06:09.273","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.6 and 11.0.0.0, including 9.3.x and 8.3.x, expose Hadoop cluster credentials in plain text through the Cluster Test API. Although the user should not see those explicitly, the defect is mitigated by the fact the user can already leverage those credentials to submit jobs under the same account through the backend API."}],"affected":[{"source":"security.vulnerabilities@hitachivantara.com","affectedData":[{"vendor":"Hitachi Vantara","product":"Pentaho Data Integration and Analytics","defaultStatus":"unaffected","versions":[{"version":"1.0","lessThan":"10.2.0.6","versionType":"maven","status":"affected"},{"version":"10.0","lessThan":"11.0.0","versionType":"maven","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security.vulnerabilities@hitachivantara.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-27T18:00:31.690560Z","id":"CVE-2026-2255","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security.vulnerabilities@hitachivantara.com","type":"Secondary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hitachi:vantara_pentaho_data_integration_and_analytics:*:*:*:*:*:*:*:*","versionEndExcluding":"10.2.0.7","matchCriteriaId":"50E55F6A-825B-4C80-BA1C-9EF2B058A230"},{"vulnerable":true,"criteria":"cpe:2.3:a:hitachi:vantara_pentaho_data_integration_and_analytics:*:*:*:*:*:*:*:*","versionStartExcluding":"10.2.0.8","versionEndExcluding":"11.0.0.0","matchCriteriaId":"42A22CB8-1987-4AAE-8540-63E534FCEE32"},{"vulnerable":true,"criteria":"cpe:2.3:a:hitachi:vantara_pentaho_data_integration_and_analytics:8.3:-:*:*:*:*:*:*","matchCriteriaId":"CD5C2274-E0A1-4DD3-BAC8-C107C4026D8B"},{"vulnerable":true,"criteria":"cpe:2.3:a:hitachi:vantara_pentaho_data_integration_and_analytics:9.3:-:*:*:*:*:*:*","matchCriteriaId":"8D8EFD76-9B82-47CF-95F7-5117C58706EB"}]}]}],"references":[{"url":"https://support.pentaho.com/hc/en-us/articles/45672235545101--Resolved-Hitachi-Vantara-Pentaho-Data-Integration-Analytics-Insufficiently-Protected-Credentials-Versions-before-10-2-0-6-and-11-0-0-0-Impacted-CVE-2026-2255","source":"security.vulnerabilities@hitachivantara.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-41178","sourceIdentifier":"security-advisories@github.com","published":"2026-06-04T16:16:37.297","lastModified":"2026-06-18T14:34:48.420","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OpenTelemetry-Go is the Go implementation of OpenTelemetry. Versions 1.41.0 and 1.43.0 removed raw-length rejection and it causes `Parse` to process arbitrarily large/invalid baggage headers and log errors, enabling DoS via oversized inputs. Versions 1.42.0 and 1.44.0 fix the issue."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"open-telemetry","product":"go.opentelemetry.io/otel/baggage","versions":[{"version":"= 1.41.0","status":"affected"},{"version":"= 1.43.0","status":"affected"}]},{"vendor":"open-telemetry","product":"go.opentelemetry.io/otel/propagation","versions":[{"version":"= 1.41.0","status":"affected"},{"version":"= 1.43.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-04T15:46:06.715583Z","id":"CVE-2026-41178","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-789"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:opentelemetry:opentelemetry:*:*:*:*:*:go:*:*","versionEndExcluding":"1.42.0","matchCriteriaId":"162669E6-6DF4-4673-8120-9A0B3D9614A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:opentelemetry:opentelemetry:1.43.0:*:*:*:*:go:*:*","matchCriteriaId":"1417852C-0B60-4DED-A57B-5D346742643E"}]}]}],"references":[{"url":"https://github.com/open-telemetry/opentelemetry-go/pull/7880","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/open-telemetry/opentelemetry-go/security/advisories/GHSA-5wrp-cwcj-q835","source":"security-advisories@github.com","tags":["Issue Tracking","Patch","Vendor Advisory"]},{"url":"https://github.com/open-telemetry/opentelemetry-go/security/advisories/GHSA-5wrp-cwcj-q835","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Issue Tracking","Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45287","sourceIdentifier":"security-advisories@github.com","published":"2026-06-04T16:16:38.690","lastModified":"2026-06-18T14:32:52.440","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, `go.opentelemetry.io/otel/schema/v1.0` and `go.opentelemetry.io/otel/schema/v1.1` leaks one file descriptor on each successful `ParseFile` call. `ParseFile` opens the schema file and passes it to `Parse` without closing it; repeated parsing in a long-running process can exhaust the process file descriptor limit and cause denial of service. Exploitation depends on a consuming application exposing repeated schema parsing to an attacker-controlled path. Version 0.0.17 contains a patch for the issue."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"open-telemetry","product":"go.opentelemetry.io/otel/schema/v1.1","versions":[{"version":"< 0.0.17","status":"affected"}]},{"vendor":"open-telemetry","product":"go.opentelemetry.io/otel/schema/v1.0","versions":[{"version":"< 0.0.17","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-08T18:27:31.389905Z","id":"CVE-2026-45287","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-772"},{"lang":"en","value":"CWE-775"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:opentelemetry:telemetry_schema_files:*:*:*:*:*:go:*:*","versionEndExcluding":"0.0.17","matchCriteriaId":"C1E07F4C-8807-4E10-9070-74A758A72A4E"}]}]}],"references":[{"url":"https://github.com/open-telemetry/opentelemetry-go/commit/e72a235518cb773137efd80336a179028bc34684","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/open-telemetry/opentelemetry-go/commit/f12d198f161b61735d65705248715aa97021ba8d","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/open-telemetry/opentelemetry-go/security/advisories/GHSA-995v-fvrw-c78m","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/open-telemetry/opentelemetry-go/security/advisories/GHSA-995v-fvrw-c78m","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-7542","sourceIdentifier":"security@wordfence.com","published":"2026-06-09T09:16:30.880","lastModified":"2026-06-18T21:16:30.060","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions 7.0 to 7.0.10. This is due to three compounding design flaws: (1) the plugin leaks a valid backend AJAX nonce (revslider_actions) to all authenticated users including Subscribers via the admin_footer hook; (2) the wordpress.create.image_from_url action is explicitly allowlisted in the $user_allowed array, bypassing the administrator-only access control; (3) the create_wordpress_image_from_url() function accepts an attacker-controlled url parameter that is passed to import_media(), where path_or_url_exists() explicitly accepts local filesystem paths (file_exists() && is_readable()) with no restriction to remote HTTP/HTTPS URLs, and @copy() physically copies those files into the publicly accessible /wp-content/uploads/revslider/ai/ directory. The MIME type check trusts the attacker-supplied content_type parameter to derive the destination extension without verifying actual file content, and the source extension blacklist does not block many sensitive types (.sql, .log, .json, .bak, .xml, .csv, .conf, .yml, .yaml, .pem, .key, .crt, .txt, .db, etc.). This makes it possible for authenticated attackers with Subscriber-level access and above to read the contents of server files with non-blacklisted extensions by having them copied to a publicly accessible URL."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"Revolution Slider","product":"Slider Revolution","defaultStatus":"unaffected","versions":[{"version":"7.0","lessThanOrEqual":"7.0.10","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T16:03:34.179689Z","id":"CVE-2026-7542","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"references":[{"url":"https://www.sliderrevolution.com/changelog/","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4f57cac9-5610-454b-affb-86384ea00881?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-0409","sourceIdentifier":"a2826606-91e7-4eb6-899e-8484bd4575d5","published":"2026-06-09T17:16:58.060","lastModified":"2026-06-18T18:37:17.043","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A NETGEAR security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Internet to run commands on your device when the device administrator performs certain specific management actions. This issue affects NETGEAR Orbi 370 series devices before V12.1.2.7."}],"affected":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","affectedData":[{"vendor":"NETGEAR","product":"Orbi 370","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V12.1.2.7","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.5,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:59:23.715804Z","id":"CVE-2026-0409","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbe370_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"12.1.2.7","matchCriteriaId":"40EB2E9F-41D9-424D-B0FA-F87BE62AAAFF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbe370:-:*:*:*:*:*:*:*","matchCriteriaId":"368F8D25-16A4-416B-82EC-7508218DD281"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbe371_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"12.1.2.7","matchCriteriaId":"3CBBE681-AA97-44FD-A059-E8AE1A5E2388"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbe371:-:*:*:*:*:*:*:*","matchCriteriaId":"00BA4811-2DD1-4DA6-8ECF-CFFEFCB443F2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbe372_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"12.1.2.7","matchCriteriaId":"0B44F937-7A16-4139-8943-3BFA0480851F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbe372:-:*:*:*:*:*:*:*","matchCriteriaId":"7FA875C8-A4CC-4CC6-8681-803C6F244E36"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbe374_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"12.1.2.7","matchCriteriaId":"C88D3308-C6FA-4455-8DB5-584AACA9B442"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbe374:-:*:*:*:*:*:*:*","matchCriteriaId":"A4B041C8-A297-478F-86A0-91769750F7B9"}]}]}],"references":[{"url":"https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Vendor Advisory"]},{"url":"https://www.netgear.com/support/product/rbe372/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-0410","sourceIdentifier":"a2826606-91e7-4eb6-899e-8484bd4575d5","published":"2026-06-09T17:16:58.227","lastModified":"2026-06-18T18:09:28.343","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Authenticated administrators connected to the local network can gain \nelevated access to the router and make unauthorized changes to router \nsoftware and functionality."}],"affected":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","affectedData":[{"vendor":"NETGEAR","product":"R7000","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.11.216","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX20","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.18.144","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX35v2","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.16.132","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX41","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.16.132","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX41v2","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.1.4.28","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX42","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.16.132","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX42v2","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.1.4.28","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX43","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.16.132","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX43v2","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.1.4.28","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX45","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.16.132","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX49S","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.1.4.28","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX50","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.16.132","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX50S","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.16.132","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX50v2","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.1.4.28","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX54Sv2","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.1.4.28","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX54v2","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.1.4.28","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAXE450","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.2.14.114","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAXE500","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.2.14.114","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"XR1000","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.1.0.22","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"XR1000v2","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.1.0.22","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber","baseScore":1.9,"baseSeverity":"LOW","attackVector":"ADJACENT","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N","baseScore":4.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T17:27:32.030390Z","id":"CVE-2026-0410","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.11.216","matchCriteriaId":"9BBC48E0-E422-46FF-BA97-462A96A8B1B1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*","matchCriteriaId":"C9F86FF6-AB32-4E51-856A-DDE790C0A9A6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.18.144","matchCriteriaId":"459255C7-BB1F-49E5-ADCC-B95D1AF52CBE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*","matchCriteriaId":"7038703C-C79D-4DD4-8B16-E1A5FC6694C0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax35v2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.16.132","matchCriteriaId":"88A046EC-10CB-4CFA-993B-0075922B9C5C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax35v2:-:*:*:*:*:*:*:*","matchCriteriaId":"9358B2F2-D24E-434D-AEE5-6CE093598793"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax41_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.16.132","matchCriteriaId":"D597BFAB-1C17-4B65-9149-E481167FE4C6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax41:-:*:*:*:*:*:*:*","matchCriteriaId":"C52C7C17-08C5-47CE-A5D5-640C6B9DB82C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax41v2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.4.28","matchCriteriaId":"7B061BDD-0FE6-435F-99C3-380EDCF59F18"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax41v2:-:*:*:*:*:*:*:*","matchCriteriaId":"138DD7E4-528F-4984-ACD7-E18379C4FF7C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax42_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.16.132","matchCriteriaId":"84ECBA5C-134C-4AE9-93AB-454471F34CEC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax42:-:*:*:*:*:*:*:*","matchCriteriaId":"D83182AB-E726-4371-B092-FA1920408FED"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax42v2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.4.28","matchCriteriaId":"A45E6061-D576-4383-9937-5583FC3927C6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax42v2:-:*:*:*:*:*:*:*","matchCriteriaId":"D61EA1E9-FB8C-4E79-8A07-7B5E79DCB70A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.16.132","matchCriteriaId":"0968619E-7971-42F8-B9C3-8553D7B5BD46"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*","matchCriteriaId":"178BB386-F66C-4CE8-9283-37D22B304691"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax43v2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.4.28","matchCriteriaId":"7AD34D2C-632D-4A2D-91D7-5E05AB217083"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax43v2:-:*:*:*:*:*:*:*","matchCriteriaId":"6E165736-5E8D-4DDB-B157-99723FE20BD2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.16.132","matchCriteriaId":"04DE8BC8-5F4C-4120-B46F-FCE8575B2BB2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*","matchCriteriaId":"4B08BD69-CDCC-4CEB-B887-4E47D2B45D26"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax49s_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.4.28","matchCriteriaId":"E47FE8F8-A9A0-459A-8D68-41ECA012650B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax49s:-:*:*:*:*:*:*:*","matchCriteriaId":"85511EF7-8F04-4DB7-8CF3-2F888A0A94C5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.16.132","matchCriteriaId":"9CA4D5A7-5A56-48C7-85DE-1967C9629835"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*","matchCriteriaId":"C430976E-24C0-4EA7-BF54-F9C188AB9C01"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax50s_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.16.132","matchCriteriaId":"E5ECFB8C-5F0F-42DE-A514-D69E975E02FD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax50s:-:*:*:*:*:*:*:*","matchCriteriaId":"DBB69710-DA7E-4011-A61A-BA40462A041F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax50v2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.4.28","matchCriteriaId":"4E3CF81D-863A-45FD-BDE6-5EF3DD207142"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax50v2:-:*:*:*:*:*:*:*","matchCriteriaId":"59381950-4DC4-4FD7-B3DB-D950DDA5C591"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax54sv2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.4.28","matchCriteriaId":"6644CB5C-5593-40E9-A04D-E2883AFA74AA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax54sv2:-:*:*:*:*:*:*:*","matchCriteriaId":"B9FCC230-8A49-4C8C-BB53-DD703996F4DA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:raxe450_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.14.114","matchCriteriaId":"907573F6-73D1-4E0D-8068-B9CA3A00A010"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:raxe450:-:*:*:*:*:*:*:*","matchCriteriaId":"67D7EC2C-E443-4749-854E-5BC057CA6B06"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:raxe500_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.14.114","matchCriteriaId":"B75B005E-469A-4AB4-A0F5-D0067D66FFA3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:raxe500:-:*:*:*:*:*:*:*","matchCriteriaId":"6D23ADF0-05B4-4163-9666-3F470FB19E01"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.0.22","matchCriteriaId":"80874BD7-33C7-481D-8A97-9A4B5E0144A5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*","matchCriteriaId":"4FD4ED11-4130-47DA-8A9D-55B8F6E3E213"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:xr1000v2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.0.22","matchCriteriaId":"79C9605E-5D93-4C78-A935-9894ED02CE22"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:xr1000v2:-:*:*:*:*:*:*:*","matchCriteriaId":"697B2136-87A6-4E8F-8B5E-373B02E9D6D7"}]}]}],"references":[{"url":"https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Vendor Advisory"]},{"url":"https://www.netgear.com/support/product/r7000/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax20/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax35v2/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax41/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax41v2/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax42/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax42v2/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax43/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax43v2/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax45/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax49s/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax50/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax50s/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax50v2/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax54sv2/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/raxe450/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/raxe500/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/xr1000/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/xr1000v2/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-0411","sourceIdentifier":"a2826606-91e7-4eb6-899e-8484bd4575d5","published":"2026-06-09T17:16:58.453","lastModified":"2026-06-18T18:05:56.783","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An information disclosure vulnerability in the NETGEAR Orbi satellites (RBR/RBE/RBS Series) could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affected by this vulnerability.\n\n\nOrbi WiFi Systems without satellite devices are not impacted by this issue."}],"affected":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","affectedData":[{"vendor":"NETGEAR","product":"RBE970","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"6.3.8.11","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBR350","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V4.4.2.2","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBR760","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V6.3.8.11","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBS350","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V4.4.2.2","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBS760","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V6.3.8.11","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.2,"baseSeverity":"MEDIUM","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:59:29.333092Z","id":"CVE-2026-0411","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbe970_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"9.13.2.1","matchCriteriaId":"C3821162-B566-4B42-B210-B7F2B0E39512"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbe970:-:*:*:*:*:*:*:*","matchCriteriaId":"DE1F3088-9598-4EB5-A8A0-E0D4E529CB12"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbr350_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.4.2.2","matchCriteriaId":"15B6577A-EB55-40E2-9B6C-2821923E76E9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbr350:-:*:*:*:*:*:*:*","matchCriteriaId":"C967BD79-D46C-4E73-9063-394454C33180"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbr760_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"6.3.8.11","matchCriteriaId":"87A60D1D-8933-43AD-8C45-3377B3F02F89"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbr760:-:*:*:*:*:*:*:*","matchCriteriaId":"49412019-F011-40A8-B09E-F704E9C343AB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbs350_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.4.2.2","matchCriteriaId":"3BCF891A-82B5-45FA-9041-86D2CD05248F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbs350:-:*:*:*:*:*:*:*","matchCriteriaId":"D69C0384-012F-4F3C-B5B2-EE2087C8187D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbs760_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"6.3.8.11","matchCriteriaId":"B325A884-D98D-40CD-829F-9F75E8028AE1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbs760:-:*:*:*:*:*:*:*","matchCriteriaId":"1A648203-25DE-41E9-A7C4-A08F070479D1"}]}]}],"references":[{"url":"https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Vendor Advisory"]},{"url":"https://www.netgear.com/support/product/rbe970/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbr350/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbr760/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbs350/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbs760/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-0412","sourceIdentifier":"a2826606-91e7-4eb6-899e-8484bd4575d5","published":"2026-06-09T17:16:58.627","lastModified":"2026-06-18T13:53:32.013","vulnStatus":"Analyzed","cveTags":[{"sourceIdentifier":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["unsupported-when-assigned"]}],"descriptions":[{"lang":"en","value":"Insufficient input validation vulnerability in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows administrators connected to the local network to make unauthorized modification of router software and functionality. NETGEAR JR6150 reached End-of-Support status in 2018 and is no longer receiving security updates. NETGEAR strongly recommends \nreplacing these devices with newer NETGEAR models to ensure continued \nsecurity support and updates.\n\n\n\nThis vulnerability has been identified through firmware emulation in a \ncontrolled research environment and has not been verified on production \nhardware."}],"affected":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","affectedData":[{"vendor":"NETGEAR","product":"JR6150","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:X/U:Amber","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"AMBER"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N","baseScore":4.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T17:32:10.391003Z","id":"CVE-2026-0412","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:jr6150_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EA9FEFBD-FE94-41F0-809F-DF60403ED087"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*","matchCriteriaId":"D67167E5-81D2-4892-AF41-CBB6271232D1"}]}]}],"references":[{"url":"https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Vendor Advisory"]},{"url":"https://www.netgear.com/support/product/jr6150","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-0413","sourceIdentifier":"a2826606-91e7-4eb6-899e-8484bd4575d5","published":"2026-06-09T17:16:58.777","lastModified":"2026-06-18T17:57:25.547","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A buffer overflow vulnerability due to insufficient input validation in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality."}],"affected":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","affectedData":[{"vendor":"NETGEAR","product":"RBE370","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V12.1.2.1","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBE770","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V10.5.20.10","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBR750","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBR840","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBR850","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBR860","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBRE950","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBRE960","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBS750","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBS840","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBS850","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBS860","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBSE950","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBSE960","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N","baseScore":4.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T17:06:08.653522Z","id":"CVE-2026-0413","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbe370_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"12.1.2.1","matchCriteriaId":"DBEBFF73-ADB5-4541-B243-BE149F1E6AD1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbe370:-:*:*:*:*:*:*:*","matchCriteriaId":"368F8D25-16A4-416B-82EC-7508218DD281"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbe770_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"10.5.20.10","matchCriteriaId":"CDF73542-52B0-44D5-AEF7-C7BAB1B0CEC8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbe770:-:*:*:*:*:*:*:*","matchCriteriaId":"203F8C90-2850-4506-BADF-F420AFCEC4F7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"0D73C133-BD68-4532-B267-61796ECB1A07"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*","matchCriteriaId":"C13F5C69-FA9B-472A-9036-0C2967BDCDE9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"9C730F75-337C-44C5-9DE7-E532D7C3C8BC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*","matchCriteriaId":"4489CB05-A1C0-408C-8D8C-56EE98CA20E8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"7E5B3B94-CC3D-4CFC-9FE2-9EF5CEBD4B1A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*","matchCriteriaId":"D92E4C8E-222A-476C-8273-F7171FC61F0B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbr860_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"659D5BE0-C045-48FD-9214-B35D408AF0BA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbr860:-:*:*:*:*:*:*:*","matchCriteriaId":"928FC2C1-4D05-495B-ACD8-1D013EB18EE6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbre950_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"08EA0CCC-1FAD-47D3-B70E-1991AE30C12E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbre950:-:*:*:*:*:*:*:*","matchCriteriaId":"848E7D41-EB61-4AB3-9AED-8E35281DB464"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbre960_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"C22E56DA-E0B9-4A24-B818-F7919B8CDB5C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbre960:-:*:*:*:*:*:*:*","matchCriteriaId":"314FF95E-5A0C-4A6B-B8D6-28546F2C1A12"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"0821D003-6E44-46DB-B3D1-2CA553483036"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*","matchCriteriaId":"B529194C-C440-4BC3-850F-0613FC548F86"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"A19A26FE-6D83-45F3-A852-FCD9F6E9F3D4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*","matchCriteriaId":"84AEA27B-8BEA-4E83-819A-FDAC1881928F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"79468E3C-C58C-4076-BB85-4C331BCC300C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*","matchCriteriaId":"221CA950-E984-44CD-9E1B-3AADE3CEBE52"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbs860_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"4D8CED97-AA9C-4655-B521-319021F1F9DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbs860:-:*:*:*:*:*:*:*","matchCriteriaId":"E6630553-D726-4524-8BD2-3EE839DE6676"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbse950_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"E26EAB17-7904-4325-A21D-43B807F7DB56"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbse950:-:*:*:*:*:*:*:*","matchCriteriaId":"32A3F32B-B05E-42C6-969A-0F4DD5B7942E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbse960_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"19048F97-E226-4287-A206-9006F7B91E21"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbse960:-:*:*:*:*:*:*:*","matchCriteriaId":"419AF785-61C6-4911-A170-6A06D7991948"}]}]}],"references":[{"url":"https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Vendor Advisory"]},{"url":"https://www.netgear.com/support/product/rbe372/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbe770/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbr750/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbr840/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbr850/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbr860/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbre950/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbre960/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbs750/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbs840/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbs850/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbs860/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbse950/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbse960/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-0414","sourceIdentifier":"a2826606-91e7-4eb6-899e-8484bd4575d5","published":"2026-06-09T17:16:58.990","lastModified":"2026-06-18T17:56:22.497","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality."}],"affected":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","affectedData":[{"vendor":"NETGEAR","product":"RBE970","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V9.12.4.9","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N","baseScore":4.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:59:28.249232Z","id":"CVE-2026-0414","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbe970_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"9.12.4.9","matchCriteriaId":"301DE3B8-EF02-46C6-96EF-3735CE242BBC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbe970:-:*:*:*:*:*:*:*","matchCriteriaId":"DE1F3088-9598-4EB5-A8A0-E0D4E529CB12"}]}]}],"references":[{"url":"https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Vendor Advisory"]},{"url":"https://www.netgear.com/support/product/rbe970/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-0415","sourceIdentifier":"a2826606-91e7-4eb6-899e-8484bd4575d5","published":"2026-06-09T17:16:59.130","lastModified":"2026-06-18T17:56:13.980","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality."}],"affected":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","affectedData":[{"vendor":"NETGEAR","product":"RBE970","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V9.12.4.9","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBR750","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBR840","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBR850","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBR860","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBRE950","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBRE960","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBS750","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBS840","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBS850","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBS860","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBSE950","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBSE960","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.8.5","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N","baseScore":4.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T17:02:38.168412Z","id":"CVE-2026-0415","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbe970_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"9.12.4.9","matchCriteriaId":"301DE3B8-EF02-46C6-96EF-3735CE242BBC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbe970:-:*:*:*:*:*:*:*","matchCriteriaId":"DE1F3088-9598-4EB5-A8A0-E0D4E529CB12"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"0D73C133-BD68-4532-B267-61796ECB1A07"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*","matchCriteriaId":"C13F5C69-FA9B-472A-9036-0C2967BDCDE9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"9C730F75-337C-44C5-9DE7-E532D7C3C8BC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*","matchCriteriaId":"4489CB05-A1C0-408C-8D8C-56EE98CA20E8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"7E5B3B94-CC3D-4CFC-9FE2-9EF5CEBD4B1A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*","matchCriteriaId":"D92E4C8E-222A-476C-8273-F7171FC61F0B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbr860_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"659D5BE0-C045-48FD-9214-B35D408AF0BA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbr860:-:*:*:*:*:*:*:*","matchCriteriaId":"928FC2C1-4D05-495B-ACD8-1D013EB18EE6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbre950_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"08EA0CCC-1FAD-47D3-B70E-1991AE30C12E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbre950:-:*:*:*:*:*:*:*","matchCriteriaId":"848E7D41-EB61-4AB3-9AED-8E35281DB464"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbre960_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"C22E56DA-E0B9-4A24-B818-F7919B8CDB5C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbre960:-:*:*:*:*:*:*:*","matchCriteriaId":"314FF95E-5A0C-4A6B-B8D6-28546F2C1A12"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"0821D003-6E44-46DB-B3D1-2CA553483036"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*","matchCriteriaId":"B529194C-C440-4BC3-850F-0613FC548F86"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"A19A26FE-6D83-45F3-A852-FCD9F6E9F3D4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*","matchCriteriaId":"84AEA27B-8BEA-4E83-819A-FDAC1881928F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"79468E3C-C58C-4076-BB85-4C331BCC300C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*","matchCriteriaId":"221CA950-E984-44CD-9E1B-3AADE3CEBE52"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbs860_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"4D8CED97-AA9C-4655-B521-319021F1F9DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbs860:-:*:*:*:*:*:*:*","matchCriteriaId":"E6630553-D726-4524-8BD2-3EE839DE6676"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbse950_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"E26EAB17-7904-4325-A21D-43B807F7DB56"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbse950:-:*:*:*:*:*:*:*","matchCriteriaId":"32A3F32B-B05E-42C6-969A-0F4DD5B7942E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbse960_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.8.5","matchCriteriaId":"19048F97-E226-4287-A206-9006F7B91E21"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbse960:-:*:*:*:*:*:*:*","matchCriteriaId":"419AF785-61C6-4911-A170-6A06D7991948"}]}]}],"references":[{"url":"https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Vendor Advisory"]},{"url":"https://www.netgear.com/support/product/rbe970/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbr750/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbr840/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbr850/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbr860/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbre950/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbre960/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbs750/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbs840/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbs850/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbs860/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbse950/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbse960/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-0416","sourceIdentifier":"a2826606-91e7-4eb6-899e-8484bd4575d5","published":"2026-06-09T17:16:59.313","lastModified":"2026-06-18T13:53:17.863","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An insufficient input validation vulnerability in certain NETGEAR router models as listed allows an authenticated administrator with local network access to submit crafted input that bypasses intended management interface restrictions, resulting in unauthorized modification of protected router software or functionality."}],"affected":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","affectedData":[{"vendor":"NETGEAR","product":"RAXE450","defaultStatus":"unaffected","versions":[{"version":"V1.0.12.96","lessThan":"V1.2.14.114","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAXE500","defaultStatus":"unaffected","versions":[{"version":"V1.0.12.96","lessThan":"V1.2.14.114","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N","baseScore":4.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T17:35:04.463131Z","id":"CVE-2026-0416","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:raxe450_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.14.114","matchCriteriaId":"907573F6-73D1-4E0D-8068-B9CA3A00A010"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:raxe450:-:*:*:*:*:*:*:*","matchCriteriaId":"67D7EC2C-E443-4749-854E-5BC057CA6B06"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:raxe500_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.14.114","matchCriteriaId":"B75B005E-469A-4AB4-A0F5-D0067D66FFA3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:raxe500:-:*:*:*:*:*:*:*","matchCriteriaId":"6D23ADF0-05B4-4163-9666-3F470FB19E01"}]}]}],"references":[{"url":"https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Vendor Advisory"]},{"url":"https://www.netgear.com/support/product/raxe450/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/raxe500/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-0417","sourceIdentifier":"a2826606-91e7-4eb6-899e-8484bd4575d5","published":"2026-06-09T17:16:59.450","lastModified":"2026-06-18T13:53:01.753","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Insufficient input validation vulnerability in the listed NETGEAR devices allows\nauthenticated administrators connected to the local network to tamper with\nthe router's integrity."}],"affected":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","affectedData":[{"vendor":"NETGEAR","product":"MR60","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.1.7.132","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"MR70","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.3.28","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"MR80","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.1.7.14","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"MS60","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.1.7.132","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"MS70","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.3.28","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"MS80","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.1.7.14","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"R6400v2","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.4.128","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"R6700v3","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.4.128","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"R6900P","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.3.3.152","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"R7000","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.11.216","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"R7000P","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.3.3.152","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"R7960P","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.4.4.92","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"R8000P","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.4.4.92","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"R8500","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.0.2.160","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX20","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.18.144","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX35v2","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.16.132","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX40v2","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.12.118","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX41","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.12.118","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX42","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.12.118","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX43","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.12.120","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX45","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.12.118","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX48","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.12.118","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX50","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.12.120","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX50S","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.12.120","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAXE450","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.10.86","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAXE500","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.10.86","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"XR1000","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.0.68","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N","baseScore":4.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T17:10:42.291794Z","id":"CVE-2026-0417","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.7.132","matchCriteriaId":"3EF1385A-03C2-4D3D-9D75-E8DE3E860252"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*","matchCriteriaId":"65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:mr70_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.3.28","matchCriteriaId":"98DBBC25-220A-425A-9D25-FDF9F5D8D0E6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:mr70:-:*:*:*:*:*:*:*","matchCriteriaId":"34070FFE-F407-40FD-AACE-5C96F3055799"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:mr80_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.7.14","matchCriteriaId":"DC49CD0C-3719-4D88-9648-ECF9DDEA6681"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:mr80:-:*:*:*:*:*:*:*","matchCriteriaId":"2A086E76-3F23-4C21-AC96-F11372A8A186"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.7.132","matchCriteriaId":"61B580A7-7D84-476E-9A42-9660F0062149"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*","matchCriteriaId":"F003F064-591C-4D7C-9EC4-D0E553BC6683"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:ms70_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.3.28","matchCriteriaId":"83AB7D19-6ED2-417A-B79B-C0BED0E94EDC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:ms70:-:*:*:*:*:*:*:*","matchCriteriaId":"D8D33A91-19BD-4901-9DDF-A1A06E8E2B53"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:ms80_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.7.14","matchCriteriaId":"DD5FC952-3B49-4872-92B7-185B26657949"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:ms80:-:*:*:*:*:*:*:*","matchCriteriaId":"DE1A0669-790A-4EE7-A0DC-6E1023D6B4F9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.4.128","matchCriteriaId":"FC1E505A-2D3E-4D4B-A0EB-340F0C1FFC12"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*","matchCriteriaId":"AFE6B3A8-0601-44EA-AD9B-3BDDE6654FDF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.4.128","matchCriteriaId":"59CCB63C-A0DB-4DD3-B7F5-86B692925244"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*","matchCriteriaId":"C88DA385-5FAE-49EC-80D6-78F81E7EEC16"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.3.3.152","matchCriteriaId":"BBBA3274-E99E-4E05-8EAB-A19F160B7F6E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*","matchCriteriaId":"C41908FF-AE64-4949-80E3-BEE061B2DA8A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.11.216","matchCriteriaId":"9BBC48E0-E422-46FF-BA97-462A96A8B1B1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*","matchCriteriaId":"C9F86FF6-AB32-4E51-856A-DDE790C0A9A6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.3.3.152","matchCriteriaId":"DAD44722-516C-4368-AB0D-32C65756D20D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*","matchCriteriaId":"DFE55F4D-E98B-46D3-B870-041141934CD1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.4.4.92","matchCriteriaId":"CA1DDBA0-5374-4158-82D1-46364439DA44"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*","matchCriteriaId":"091CEDB5-0069-4253-86D8-B9FE17CB9F24"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.4.4.92","matchCriteriaId":"4438027B-4FC7-488C-A077-1CFACF20E847"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*","matchCriteriaId":"F7EF872D-2537-4FEB-8799-499FC9D44339"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r8500_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CF07E3BB-5FDE-4C79-A893-E6111AED30A5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*","matchCriteriaId":"63500DE4-BDBD-4F86-AB99-7DB084D0B912"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.18.144","matchCriteriaId":"459255C7-BB1F-49E5-ADCC-B95D1AF52CBE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*","matchCriteriaId":"7038703C-C79D-4DD4-8B16-E1A5FC6694C0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax35v2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.16.132","matchCriteriaId":"88A046EC-10CB-4CFA-993B-0075922B9C5C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax35v2:-:*:*:*:*:*:*:*","matchCriteriaId":"9358B2F2-D24E-434D-AEE5-6CE093598793"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax40v2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.12.118","matchCriteriaId":"09812CA8-060B-45A8-9444-FBD91C66796A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax40v2:-:*:*:*:*:*:*:*","matchCriteriaId":"3CEAD12D-6D90-4CFB-9E59-2CEBD400C567"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax41_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.12.118","matchCriteriaId":"67D8174B-97B6-4533-B495-25FA146D82FC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax41:-:*:*:*:*:*:*:*","matchCriteriaId":"C52C7C17-08C5-47CE-A5D5-640C6B9DB82C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax42_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.12.118","matchCriteriaId":"332644E4-6F59-4076-90D4-A6A7B7F6197F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax42:-:*:*:*:*:*:*:*","matchCriteriaId":"D83182AB-E726-4371-B092-FA1920408FED"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.12.120","matchCriteriaId":"76F8EB7B-A61F-43D1-86C1-30C6D4226EC0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*","matchCriteriaId":"178BB386-F66C-4CE8-9283-37D22B304691"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.12.118","matchCriteriaId":"EB49D51C-9227-449A-A9D7-EDA3EDC0A4AA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*","matchCriteriaId":"4B08BD69-CDCC-4CEB-B887-4E47D2B45D26"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax48_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.12.118","matchCriteriaId":"2571BD32-E63B-4AD4-8BD9-44DD00B6DCC6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax48:-:*:*:*:*:*:*:*","matchCriteriaId":"09E50F2A-C46C-4875-84AB-04AA00BFA53F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.12.120","matchCriteriaId":"30962AE5-2215-45F5-B103-554442D99264"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*","matchCriteriaId":"C430976E-24C0-4EA7-BF54-F9C188AB9C01"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax50s_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.12.120","matchCriteriaId":"513DFF3C-15D7-4548-AE26-89D96DD7E438"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax50s:-:*:*:*:*:*:*:*","matchCriteriaId":"DBB69710-DA7E-4011-A61A-BA40462A041F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:raxe450_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.10.86","matchCriteriaId":"97B3E502-9591-425B-808A-C3FBA780D639"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:raxe450:-:*:*:*:*:*:*:*","matchCriteriaId":"67D7EC2C-E443-4749-854E-5BC057CA6B06"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:raxe500_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.10.86","matchCriteriaId":"4D45E858-87C7-4005-8EB2-3C3D85A30167"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:raxe500:-:*:*:*:*:*:*:*","matchCriteriaId":"6D23ADF0-05B4-4163-9666-3F470FB19E01"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.0.68","matchCriteriaId":"9C79CAF6-72D7-4778-B4B6-07C71EFD86C8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*","matchCriteriaId":"4FD4ED11-4130-47DA-8A9D-55B8F6E3E213"}]}]}],"references":[{"url":"https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Vendor Advisory"]},{"url":"https://www.netgear.com/support/product/mr60/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/mr70/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/mr80/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/ms60/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/ms70/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/ms80/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/r6400v2/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/r6700v3/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/r6900p/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/r7000/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/r7000p/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/r7960p/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/r8000p/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/r8500/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax20/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax35v2/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax40v2/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax41/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax42/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax43/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax45/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax48/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax50/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax50s/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/raxe450/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/raxe500/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/xr1000/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-0418","sourceIdentifier":"a2826606-91e7-4eb6-899e-8484bd4575d5","published":"2026-06-09T17:16:59.687","lastModified":"2026-06-18T13:52:48.543","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Insufficient configuration management in the listed devices allows authenticated administrators connected to the local network\nto tamper with the system."}],"affected":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","affectedData":[{"vendor":"NETGEAR","product":"CBR750","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"v4.6.14.4","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"EX6120","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.0.0.72","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"EX6130","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.0.0.54","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"MR60","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.1.7.128","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"MR70","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.3.28","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"MR80","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.1.7.6","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"MS60","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.1.7.128","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"MS70","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.3.28","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"MS80","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.1.7.6","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX15","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.0.18.144","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX20","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.0.18.144","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX200","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.0.11.148","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX35v2","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.11.112","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX38v2","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.11.112","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX40v2","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.11.112","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX42","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.11.112","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX43","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.11.112","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX45","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.11.112","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX48","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.11.112","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX50","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.11.112","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX50S","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.11.112","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX75","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.0.11.148","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX80","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.0.11.148","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAXE450","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.10.86","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAXE500","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.10.86","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBR750","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V4.6.14.3","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBR840","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V4.6.14.3","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBR850","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V4.6.14.3","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBRE960","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V6.3.7.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBS750","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V4.6.14.3","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBS840","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V4.6.14.3","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBS850","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V4.6.14.3","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBSE960","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V6.3.7.5","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RS700","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.7.66","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"XR1000","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"v1.0.0.68","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:U/V:D/RE:L/U:Amber","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N","baseScore":4.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T17:08:11.783284Z","id":"CVE-2026-0418","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","description":[{"lang":"en","value":"CWE-15"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-610"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.6.14.4","matchCriteriaId":"27A6A117-9464-4BD2-AA3A-76B44E4406FA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*","matchCriteriaId":"CBD14EFC-C6EF-485B-A594-73B8525704A5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:ex6120_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6890822B-890B-44CC-8C69-57ABA3BB8825"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*","matchCriteriaId":"8C6DFDB6-1D7A-459A-8D30-FD4900ED718B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:ex6130_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1FAB313E-3DAB-40D4-88C9-DD40083B03EA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*","matchCriteriaId":"305E295C-9C73-4798-A0BE-7973E1EE5EAB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.7.128","matchCriteriaId":"BA8B32CF-9D57-4414-9E59-BF91D5059E8C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*","matchCriteriaId":"65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:mr70_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.3.28","matchCriteriaId":"98DBBC25-220A-425A-9D25-FDF9F5D8D0E6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:mr70:-:*:*:*:*:*:*:*","matchCriteriaId":"34070FFE-F407-40FD-AACE-5C96F3055799"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:mr80_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.7.6","matchCriteriaId":"02AB4A84-8D3A-4666-AF65-3AF18283209E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:mr80:-:*:*:*:*:*:*:*","matchCriteriaId":"2A086E76-3F23-4C21-AC96-F11372A8A186"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.7.128","matchCriteriaId":"AA619686-DCE2-42E1-BA11-2A694BDBD8C3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*","matchCriteriaId":"F003F064-591C-4D7C-9EC4-D0E553BC6683"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:ms70_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.3.28","matchCriteriaId":"83AB7D19-6ED2-417A-B79B-C0BED0E94EDC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:ms70:-:*:*:*:*:*:*:*","matchCriteriaId":"D8D33A91-19BD-4901-9DDF-A1A06E8E2B53"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:ms80_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.7.6","matchCriteriaId":"0948DCE2-B4CB-4BBB-94DF-D6C3D6AAAE19"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:ms80:-:*:*:*:*:*:*:*","matchCriteriaId":"DE1A0669-790A-4EE7-A0DC-6E1023D6B4F9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax15_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9D8EEAD3-03E1-4383-A614-55BB93CAB9E8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*","matchCriteriaId":"B624B4D3-BCF4-4F95-B401-A88BEC3145A5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax20_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"138ADD3B-AC8E-467D-9AB4-DF4D664DE76B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*","matchCriteriaId":"7038703C-C79D-4DD4-8B16-E1A5FC6694C0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax200_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A527DF9D-DC32-4CEB-8E63-92B12541E660"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*","matchCriteriaId":"58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax35v2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.11.112","matchCriteriaId":"66CB51F7-7712-4607-BDCB-AD175F98D454"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax35v2:-:*:*:*:*:*:*:*","matchCriteriaId":"9358B2F2-D24E-434D-AEE5-6CE093598793"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax38v2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.11.112","matchCriteriaId":"8C0AC861-D00C-4E84-9DAA-3156158413E2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax38v2:-:*:*:*:*:*:*:*","matchCriteriaId":"DE59D8F1-1883-4C96-8099-AA6B362A8D2B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax40v2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.11.112","matchCriteriaId":"C03932D4-2F7C-4490-A4DD-0015E3A620A3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax40v2:-:*:*:*:*:*:*:*","matchCriteriaId":"3CEAD12D-6D90-4CFB-9E59-2CEBD400C567"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax42_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.11.112","matchCriteriaId":"966C3724-1042-4F46-B14F-925B1FD0227A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax42:-:*:*:*:*:*:*:*","matchCriteriaId":"D83182AB-E726-4371-B092-FA1920408FED"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.11.112","matchCriteriaId":"D2C965BD-9E9C-4D57-8E38-89937990C021"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*","matchCriteriaId":"178BB386-F66C-4CE8-9283-37D22B304691"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.11.112","matchCriteriaId":"B8721FAB-D3C0-44AB-9F64-244B41377998"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*","matchCriteriaId":"4B08BD69-CDCC-4CEB-B887-4E47D2B45D26"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax48_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.11.112","matchCriteriaId":"4FFC4BD9-5E37-49FB-9F7B-E3E946576DE0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax48:-:*:*:*:*:*:*:*","matchCriteriaId":"09E50F2A-C46C-4875-84AB-04AA00BFA53F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.11.112","matchCriteriaId":"48D8B8A7-2F7F-434D-93EC-EC65D05B932F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*","matchCriteriaId":"C430976E-24C0-4EA7-BF54-F9C188AB9C01"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax50s_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.11.112","matchCriteriaId":"1DF88CFF-AE20-4D69-8E01-1580140D044E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax50s:-:*:*:*:*:*:*:*","matchCriteriaId":"DBB69710-DA7E-4011-A61A-BA40462A041F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax75_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"527B609F-92F2-4A32-88D6-CD346A79BEED"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*","matchCriteriaId":"1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax80_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FE9085A4-BFF2-4A55-8BE3-CF1684DE5C58"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*","matchCriteriaId":"06B5A85C-3588-4263-B9AD-4E56D3F6CB16"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:raxe450_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.10.86","matchCriteriaId":"97B3E502-9591-425B-808A-C3FBA780D639"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:raxe450:-:*:*:*:*:*:*:*","matchCriteriaId":"67D7EC2C-E443-4749-854E-5BC057CA6B06"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:raxe500_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.10.86","matchCriteriaId":"4D45E858-87C7-4005-8EB2-3C3D85A30167"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:raxe500:-:*:*:*:*:*:*:*","matchCriteriaId":"6D23ADF0-05B4-4163-9666-3F470FB19E01"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.6.14.3","matchCriteriaId":"A81C3970-8D99-414B-8CE0-88BC8E7A5916"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*","matchCriteriaId":"C13F5C69-FA9B-472A-9036-0C2967BDCDE9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.6.14.3","matchCriteriaId":"79CCF15C-19D6-43E0-99D6-0236B1A24EF6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*","matchCriteriaId":"4489CB05-A1C0-408C-8D8C-56EE98CA20E8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.6.14.3","matchCriteriaId":"E1CABD91-C2CA-4956-89DF-EB71F6374371"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*","matchCriteriaId":"D92E4C8E-222A-476C-8273-F7171FC61F0B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbre960_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"6.3.7.5","matchCriteriaId":"E7247457-5B74-42A6-B561-EE2B26A185D7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbre960:-:*:*:*:*:*:*:*","matchCriteriaId":"314FF95E-5A0C-4A6B-B8D6-28546F2C1A12"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.6.14.3","matchCriteriaId":"2C304BF5-1910-4FF8-BC91-736D73E35264"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*","matchCriteriaId":"B529194C-C440-4BC3-850F-0613FC548F86"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.6.14.3","matchCriteriaId":"2AC67D89-0D16-4B31-8988-A3FE58D8214F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*","matchCriteriaId":"84AEA27B-8BEA-4E83-819A-FDAC1881928F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.6.14.3","matchCriteriaId":"41A02F84-074B-4928-A489-9995F3B51D54"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*","matchCriteriaId":"221CA950-E984-44CD-9E1B-3AADE3CEBE52"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbse960_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"6.3.7.5","matchCriteriaId":"B8720144-7894-4E95-8F1C-2842A803A34A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbse960:-:*:*:*:*:*:*:*","matchCriteriaId":"419AF785-61C6-4911-A170-6A06D7991948"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rs700_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.7.66","matchCriteriaId":"C872CADD-C2CA-4FE7-941C-8297FCFC9BAC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rs700:-:*:*:*:*:*:*:*","matchCriteriaId":"20BFC36A-1819-4878-A004-9851290B203F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.0.68","matchCriteriaId":"9C79CAF6-72D7-4778-B4B6-07C71EFD86C8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*","matchCriteriaId":"4FD4ED11-4130-47DA-8A9D-55B8F6E3E213"}]}]}],"references":[{"url":"https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Vendor Advisory"]},{"url":"https://www.netgear.com/support/product/cbr750/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/ex6120/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/ex6130/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/mr60/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/mr70/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/mr80/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/ms60/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/ms70/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/ms80/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax15/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax20/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax200/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax35v2/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax38v2/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax40v2/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax42/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax43/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax45/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax48/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax50/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax50s/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax75/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax80/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/raxe450/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/raxe500/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbr750/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbr840/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbr850/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbre960/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbs750/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbs840/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbs850/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbse960/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rs700/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/xr1000/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-0419","sourceIdentifier":"a2826606-91e7-4eb6-899e-8484bd4575d5","published":"2026-06-09T17:17:00.000","lastModified":"2026-06-18T17:09:54.123","vulnStatus":"Analyzed","cveTags":[{"sourceIdentifier":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["unsupported-when-assigned"]}],"descriptions":[{"lang":"en","value":"Insufficient input validation in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows users connected to the local WiFi Networks to execute operating system commands. NETGEAR JR6150 has reached End-of-Support phase as of 2018 , and no \nfurther security updates are planned. NETGEAR strongly recommends \nreplacing these devices with newer NETGEAR models to ensure continued \nsecurity support and updates.\n\n\n\nThis vulnerability has been identified through firmware emulation in a controlled research environment and has not been verified on production hardware."}],"affected":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","affectedData":[{"vendor":"NETGEAR","product":"JR6150","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.0.1.26","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T00:00:00+00:00","id":"CVE-2026-0419","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:jr6150_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EA9FEFBD-FE94-41F0-809F-DF60403ED087"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*","matchCriteriaId":"D67167E5-81D2-4892-AF41-CBB6271232D1"}]}]}],"references":[{"url":"https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Vendor Advisory"]},{"url":"https://www.netgear.com/support/product/jr6150","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-0420","sourceIdentifier":"a2826606-91e7-4eb6-899e-8484bd4575d5","published":"2026-06-09T17:17:00.147","lastModified":"2026-06-18T17:08:37.903","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An improper implementation of TLS certificate validation vulnerability found in NETGEAR's ReadyCloud client app which could allow an attacker to perform attacker-in-the-middle (MiTM) style attacks impacting the product's confidentiality. This vulnerability affects the listed NETGEAR models."}],"affected":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","affectedData":[{"vendor":"NETGEAR","product":"RAX120v1","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.2.9.52","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX120v2","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.2.9.52","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX35","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.6.106","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX38","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.6.106","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX40","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.6.106","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T17:22:54.642384Z","id":"CVE-2026-0420","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","description":[{"lang":"en","value":"CWE-325"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.9.52","matchCriteriaId":"C1EF0453-C6B3-4A73-A890-4CDA165194C7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax120:-:*:*:*:*:*:*:*","matchCriteriaId":"1742BD56-84E4-40E1-8C04-098B3715161E"},{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax120:1.0:*:*:*:*:*:*:*","matchCriteriaId":"25F0A065-7C24-4274-8799-FB64250AAA30"},{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax120:2.0:*:*:*:*:*:*:*","matchCriteriaId":"27A6D36F-2674-4DC4-8AB7-C592C42CF138"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax35_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.6.106","matchCriteriaId":"10E68BC5-894A-4B1C-9831-FE3F26CBFE5F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax35:-:*:*:*:*:*:*:*","matchCriteriaId":"4201E4D6-4DDF-4EF3-902A-960DFFF7C9A4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax38_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.6.106","matchCriteriaId":"AFCB6352-72B0-4709-81E1-7B1D24DB06C9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax38:-:*:*:*:*:*:*:*","matchCriteriaId":"BDA02FAE-E0C9-402F-9E7D-69EEDCC80053"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax40_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.6.106","matchCriteriaId":"8F04112C-B78E-40CE-A429-8E92F62FC478"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax40:-:*:*:*:*:*:*:*","matchCriteriaId":"13D54346-4B03-4296-B050-04EB8CFCA732"}]}]}],"references":[{"url":"https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Vendor Advisory"]},{"url":"https://www.netgear.com/support/product/rax120v2/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax35/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax38/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax40/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-3088","sourceIdentifier":"a2826606-91e7-4eb6-899e-8484bd4575d5","published":"2026-06-09T17:17:05.800","lastModified":"2026-06-18T15:39:23.643","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated users on the local network can cause the router to become unavailable by sending specially crafted requests."}],"affected":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","affectedData":[{"vendor":"NETGEAR","product":"RBR860","defaultStatus":"unaffected","versions":[{"version":"V6.3.7.10","lessThan":"V7.2.7.15","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBRE950","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"v7.2.7.15","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBRE960","defaultStatus":"unaffected","versions":[{"version":"V6.3.7.10","lessThan":"V7.2.7.15","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBE970","defaultStatus":"unaffected","versions":[{"version":"V6.3.7.10","lessThan":"V9.10.1.4","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBE971","defaultStatus":"unaffected","versions":[{"version":"V6.3.7.10","lessThan":"V9.10.1.4","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBS860","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.7.15","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBSE950","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"v7.2.7.15","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBSE960","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V7.2.7.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T17:34:47.190713Z","id":"CVE-2026-3088","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbe970_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"9.10.1.4","matchCriteriaId":"1622F954-A7F9-403E-9D46-65300B35C12C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbe970:-:*:*:*:*:*:*:*","matchCriteriaId":"DE1F3088-9598-4EB5-A8A0-E0D4E529CB12"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbe971_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"9.10.1.4","matchCriteriaId":"2A130763-ECA5-49E1-A94A-047CFF83E867"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbe971:-:*:*:*:*:*:*:*","matchCriteriaId":"C3080999-19F9-4651-80F3-A6461C27E489"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbr860_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.7.15","matchCriteriaId":"41C146B0-2AF8-42FF-BF2C-D66DEF25279F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbr860:-:*:*:*:*:*:*:*","matchCriteriaId":"928FC2C1-4D05-495B-ACD8-1D013EB18EE6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbre950_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.7.15","matchCriteriaId":"0182977C-C2FD-4551-ACF2-FF6BB441870E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbre950:-:*:*:*:*:*:*:*","matchCriteriaId":"848E7D41-EB61-4AB3-9AED-8E35281DB464"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbre960_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.7.15","matchCriteriaId":"A20DC86E-1D91-4389-A4CC-4F0C07FED971"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbre960:-:*:*:*:*:*:*:*","matchCriteriaId":"314FF95E-5A0C-4A6B-B8D6-28546F2C1A12"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbs860_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.7.15","matchCriteriaId":"2E47D8AD-C273-44B5-A5CC-A4A11B196E38"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbs860:-:*:*:*:*:*:*:*","matchCriteriaId":"E6630553-D726-4524-8BD2-3EE839DE6676"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbse950_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.7.15","matchCriteriaId":"AD642F4E-4C1E-465A-B46D-7598DB007708"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbse950:-:*:*:*:*:*:*:*","matchCriteriaId":"32A3F32B-B05E-42C6-969A-0F4DD5B7942E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbse960_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.7.15","matchCriteriaId":"7EDA4DC3-9F2D-4039-978C-FDF07A445E7D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbse960:-:*:*:*:*:*:*:*","matchCriteriaId":"419AF785-61C6-4911-A170-6A06D7991948"}]}]}],"references":[{"url":"https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Vendor Advisory"]},{"url":"https://www.netgear.com/support/product/rbr860/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbre950/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbre960/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbs860/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbse950/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbse960/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-9210","sourceIdentifier":"a2826606-91e7-4eb6-899e-8484bd4575d5","published":"2026-06-09T17:17:51.120","lastModified":"2026-06-18T15:38:13.547","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality."}],"affected":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","affectedData":[{"vendor":"NETGEAR","product":"EX3700","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.0.100","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"EX3800","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.0.100","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"EX6120","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.0.72","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"EX6130","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.0.54","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"MR60","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.1.7.132","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"MR70","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.3.28","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"MR80","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.1.7.14","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"MS60","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.1.7.132","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"MS70","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.3.28","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"MS80","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.1.7.14","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"R6400v2","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.4.128","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"R6700v3","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.4.128","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"R6900P","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.3.3.152","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"R7000","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.11.216","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"R7000P","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.3.3.152","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"R7960P","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.4.4.92","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"R8000P","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.4.4.92","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"R8500","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.0.2.160","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX20","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.18.144","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX35v2","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.12.118","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX40v2","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.12.118","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX41","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.12.118","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX42","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.12.118","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX43","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.12.120","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX45","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.12.118","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX48","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.12.118","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX50","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.12.120","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX50S","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.12.120","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAXE450","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.10.86","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAXE500","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.10.86","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"XR1000","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.0.68","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N","baseScore":4.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T18:03:30.063423Z","id":"CVE-2026-9210","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.0.100","matchCriteriaId":"122B27B3-0C9C-407B-814E-6B818B463118"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*","matchCriteriaId":"CDAA5899-B73C-4690-853E-B5400F034BE1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.0.100","matchCriteriaId":"1616C45A-8184-42DA-ACEA-1829116BB8AE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*","matchCriteriaId":"CC5488D9-651C-4BAB-A141-06B816690D42"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.0.72","matchCriteriaId":"E36257F5-7FB4-483E-85E9-C916656606C8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*","matchCriteriaId":"8C6DFDB6-1D7A-459A-8D30-FD4900ED718B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.0.54","matchCriteriaId":"D051C059-37A5-44F5-AE4B-4138DFBA8C1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*","matchCriteriaId":"305E295C-9C73-4798-A0BE-7973E1EE5EAB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.7.132","matchCriteriaId":"3EF1385A-03C2-4D3D-9D75-E8DE3E860252"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*","matchCriteriaId":"65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:mr70_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.3.28","matchCriteriaId":"98DBBC25-220A-425A-9D25-FDF9F5D8D0E6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:mr70:-:*:*:*:*:*:*:*","matchCriteriaId":"34070FFE-F407-40FD-AACE-5C96F3055799"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:mr80_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.7.14","matchCriteriaId":"DC49CD0C-3719-4D88-9648-ECF9DDEA6681"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:mr80:-:*:*:*:*:*:*:*","matchCriteriaId":"2A086E76-3F23-4C21-AC96-F11372A8A186"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.7.132","matchCriteriaId":"61B580A7-7D84-476E-9A42-9660F0062149"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*","matchCriteriaId":"F003F064-591C-4D7C-9EC4-D0E553BC6683"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:ms70_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.3.28","matchCriteriaId":"83AB7D19-6ED2-417A-B79B-C0BED0E94EDC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:ms70:-:*:*:*:*:*:*:*","matchCriteriaId":"D8D33A91-19BD-4901-9DDF-A1A06E8E2B53"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:ms80_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.7.14","matchCriteriaId":"DD5FC952-3B49-4872-92B7-185B26657949"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:ms80:-:*:*:*:*:*:*:*","matchCriteriaId":"DE1A0669-790A-4EE7-A0DC-6E1023D6B4F9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.4.128","matchCriteriaId":"FC1E505A-2D3E-4D4B-A0EB-340F0C1FFC12"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*","matchCriteriaId":"AFE6B3A8-0601-44EA-AD9B-3BDDE6654FDF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.4.128","matchCriteriaId":"59CCB63C-A0DB-4DD3-B7F5-86B692925244"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*","matchCriteriaId":"C88DA385-5FAE-49EC-80D6-78F81E7EEC16"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.3.3.152","matchCriteriaId":"BBBA3274-E99E-4E05-8EAB-A19F160B7F6E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*","matchCriteriaId":"C41908FF-AE64-4949-80E3-BEE061B2DA8A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.11.216","matchCriteriaId":"9BBC48E0-E422-46FF-BA97-462A96A8B1B1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*","matchCriteriaId":"C9F86FF6-AB32-4E51-856A-DDE790C0A9A6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.3.3.152","matchCriteriaId":"DAD44722-516C-4368-AB0D-32C65756D20D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*","matchCriteriaId":"DFE55F4D-E98B-46D3-B870-041141934CD1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.4.4.92","matchCriteriaId":"CA1DDBA0-5374-4158-82D1-46364439DA44"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*","matchCriteriaId":"091CEDB5-0069-4253-86D8-B9FE17CB9F24"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.4.4.92","matchCriteriaId":"4438027B-4FC7-488C-A077-1CFACF20E847"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*","matchCriteriaId":"F7EF872D-2537-4FEB-8799-499FC9D44339"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r8500_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CF07E3BB-5FDE-4C79-A893-E6111AED30A5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*","matchCriteriaId":"63500DE4-BDBD-4F86-AB99-7DB084D0B912"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.18.144","matchCriteriaId":"459255C7-BB1F-49E5-ADCC-B95D1AF52CBE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*","matchCriteriaId":"7038703C-C79D-4DD4-8B16-E1A5FC6694C0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax35v2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.12.118","matchCriteriaId":"A7BA718B-EF70-41AD-AFB3-E4D319691D7D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax35v2:-:*:*:*:*:*:*:*","matchCriteriaId":"9358B2F2-D24E-434D-AEE5-6CE093598793"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax40v2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.12.118","matchCriteriaId":"09812CA8-060B-45A8-9444-FBD91C66796A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax40v2:-:*:*:*:*:*:*:*","matchCriteriaId":"3CEAD12D-6D90-4CFB-9E59-2CEBD400C567"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax41_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.12.118","matchCriteriaId":"67D8174B-97B6-4533-B495-25FA146D82FC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax41:-:*:*:*:*:*:*:*","matchCriteriaId":"C52C7C17-08C5-47CE-A5D5-640C6B9DB82C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax42_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.12.118","matchCriteriaId":"332644E4-6F59-4076-90D4-A6A7B7F6197F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax42:-:*:*:*:*:*:*:*","matchCriteriaId":"D83182AB-E726-4371-B092-FA1920408FED"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.12.120","matchCriteriaId":"76F8EB7B-A61F-43D1-86C1-30C6D4226EC0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*","matchCriteriaId":"178BB386-F66C-4CE8-9283-37D22B304691"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax48_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.12.118","matchCriteriaId":"2571BD32-E63B-4AD4-8BD9-44DD00B6DCC6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax48:-:*:*:*:*:*:*:*","matchCriteriaId":"09E50F2A-C46C-4875-84AB-04AA00BFA53F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.12.120","matchCriteriaId":"30962AE5-2215-45F5-B103-554442D99264"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*","matchCriteriaId":"C430976E-24C0-4EA7-BF54-F9C188AB9C01"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax50s_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.12.120","matchCriteriaId":"513DFF3C-15D7-4548-AE26-89D96DD7E438"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax50s:-:*:*:*:*:*:*:*","matchCriteriaId":"DBB69710-DA7E-4011-A61A-BA40462A041F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:raxe450_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.10.86","matchCriteriaId":"97B3E502-9591-425B-808A-C3FBA780D639"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:raxe450:-:*:*:*:*:*:*:*","matchCriteriaId":"67D7EC2C-E443-4749-854E-5BC057CA6B06"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:raxe500_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.10.86","matchCriteriaId":"4D45E858-87C7-4005-8EB2-3C3D85A30167"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:raxe500:-:*:*:*:*:*:*:*","matchCriteriaId":"6D23ADF0-05B4-4163-9666-3F470FB19E01"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.0.68","matchCriteriaId":"9C79CAF6-72D7-4778-B4B6-07C71EFD86C8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*","matchCriteriaId":"4FD4ED11-4130-47DA-8A9D-55B8F6E3E213"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.12.118","matchCriteriaId":"EB49D51C-9227-449A-A9D7-EDA3EDC0A4AA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*","matchCriteriaId":"4B08BD69-CDCC-4CEB-B887-4E47D2B45D26"}]}]}],"references":[{"url":"https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Vendor Advisory"]},{"url":"https://www.netgear.com/support/product/ex3700/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/ex3800/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/ex6120/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/ex6130/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/mr60/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/mr70/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/mr80/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/ms60/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/ms70/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/ms80/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/r6400v2/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/r6700v3/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/r6900p/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/r7000/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/r7000p/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/r7960p/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/r8000p/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/r8500/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax20/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax35v2/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax40v2/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax41/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax42/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax43/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax45/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax48/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax50/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax50s/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/raxe450/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/raxe500/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/xr1000/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-9211","sourceIdentifier":"a2826606-91e7-4eb6-899e-8484bd4575d5","published":"2026-06-09T17:17:51.380","lastModified":"2026-06-18T15:25:58.213","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation."}],"affected":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","affectedData":[{"vendor":"NETGEAR","product":"CAX30","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V2.2.1.4","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX30","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.10.94","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX5","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.5.34","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAXE300","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.10.72","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:L/U:Amber","baseScore":5.2,"baseSeverity":"MEDIUM","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T00:00:00+00:00","id":"CVE-2026-9211","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:cax30_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.2.1.4","matchCriteriaId":"7D8448B9-FB71-4C11-BAE4-7A66EF855E5A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:cax30:-:*:*:*:*:*:*:*","matchCriteriaId":"B364DF07-F847-4437-BD39-D13F2D827493"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax30_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.10.94","matchCriteriaId":"94C6B573-5355-47EE-A262-E15AE88F8DDB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax30:-:*:*:*:*:*:*:*","matchCriteriaId":"EBC92B49-60E0-4554-BE7F-D2B5D6EF6454"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax5_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.5.34","matchCriteriaId":"AA048D7E-A762-4C43-96D1-B663992D105D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax5:-:*:*:*:*:*:*:*","matchCriteriaId":"356BE5C6-8BA4-47BA-9143-C59316A6AFBD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:raxe300_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.10.72","matchCriteriaId":"3D8D31A8-65AE-4FD8-AE19-2E0294FCE384"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:raxe300:-:*:*:*:*:*:*:*","matchCriteriaId":"BD3BE955-696E-41D6-B281-1473EC803803"}]}]}],"references":[{"url":"https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Vendor Advisory"]},{"url":"https://www.netgear.com/support/product/cax30/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax30/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax5/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/raxe300/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-9212","sourceIdentifier":"a2826606-91e7-4eb6-899e-8484bd4575d5","published":"2026-06-09T17:17:51.517","lastModified":"2026-06-18T15:25:07.440","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Insufficient authentication and input validation in the listed NETGEAR models allow users connected to the local network to execute commands impacting the product's confidentiality or change certain configurations."}],"affected":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","affectedData":[{"vendor":"NETGEAR","product":"LBR1020","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V2.6.4.60","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"LBR20","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V2.7.6.8","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"R6700AX","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"*","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"R7800","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.4.96","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"R9000","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.6.46","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX10","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.5.50","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX10v2","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.5.50","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX120","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.2.10.56","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX120v1","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.2.10.56","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX120v2","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.2.10.56","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX36S","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.5.50","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX70","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.19.172","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAX78","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.19.172","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBR10","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2.7.6.6","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBR20","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2.7.6.6","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBR350","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V4.4.2.1","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBR40","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2.7.6.6","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBR50","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2.7.6.6","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBS10","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2.7.6.6","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBS20","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2.7.6.6","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBS350","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V4.4.2.1","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBS40","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2.7.6.6","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RBS50","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2.7.6.6","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"XR450","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V2.3.3.136","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"XR500","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"v2.3.3.136","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.6,"baseSeverity":"MEDIUM","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:59:30.458680Z","id":"CVE-2026-9212","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","description":[{"lang":"en","value":"CWE-20"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:lbr1020_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.6.4.60","matchCriteriaId":"9928046D-1A34-4004-A80F-88A5CE51041F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:lbr1020:-:*:*:*:*:*:*:*","matchCriteriaId":"953F0743-4B34-4CE9-815E-D87253720CBE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.7.6.8","matchCriteriaId":"479AE079-C8A3-4FFE-848B-2423223C8CB1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*","matchCriteriaId":"863E45EA-2DA0-4C9A-9B87-79E42B3FF97C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6700ax_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"52851C37-D867-4072-9A8F-BB34E6DD6765"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6700ax:-:*:*:*:*:*:*:*","matchCriteriaId":"F9B37178-0C67-4EF0-A9B8-5BB5B9DBFB8F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.4.96","matchCriteriaId":"61C343A3-8C29-4758-B538-FCCD5979EF35"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*","matchCriteriaId":"17CF7445-6950-45FE-9D1A-E23F63316329"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.6.46","matchCriteriaId":"811EDA82-851F-419A-A0F9-810AF7647BDD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*","matchCriteriaId":"D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax10_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.5.50","matchCriteriaId":"46BA8815-5603-46DD-BD62-3C9FFFF8CE63"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax10:-:*:*:*:*:*:*:*","matchCriteriaId":"1742F1BB-3D78-4E5E-9479-6614A56B4700"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.10.56","matchCriteriaId":"A24CB34C-E466-47D1-A8CB-56092A39162C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax120:-:*:*:*:*:*:*:*","matchCriteriaId":"1742BD56-84E4-40E1-8C04-098B3715161E"},{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax120:1.0:*:*:*:*:*:*:*","matchCriteriaId":"25F0A065-7C24-4274-8799-FB64250AAA30"},{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax120:2.0:*:*:*:*:*:*:*","matchCriteriaId":"27A6D36F-2674-4DC4-8AB7-C592C42CF138"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax36s_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.5.50","matchCriteriaId":"6E431C54-0435-4796-9519-C69707345DBF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax36s:-:*:*:*:*:*:*:*","matchCriteriaId":"8FFE1A74-9BAE-410B-97BF-8E6BFF638902"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax70_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.19.172","matchCriteriaId":"B4C2C77D-5E16-450A-8ADD-5FD48FBF1E74"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax70:-:*:*:*:*:*:*:*","matchCriteriaId":"AE1314C3-4950-4F5A-9900-789710CE7F98"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax78_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.19.172","matchCriteriaId":"E3FA5B61-C4D9-421F-8884-ECBC5CAE409D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax78:-:*:*:*:*:*:*:*","matchCriteriaId":"EABDFEEF-228C-429E-9B80-B6A0CA7D5AA9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbr10_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B6637D5C-E531-4FB2-8F45-825F284E14DF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*","matchCriteriaId":"5DADAA79-9A5C-4B6F-A58D-704ACD1C3334"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbr20_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D849EBF7-E7AC-4E62-9A53-3C7B333D74B1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*","matchCriteriaId":"AE5DBD66-9C2A-4EFF-87AB-03E791D584B5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbr350_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.4.2.1","matchCriteriaId":"A2DA73A9-36F5-424B-81B0-1534C206B14A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbr350:-:*:*:*:*:*:*:*","matchCriteriaId":"C967BD79-D46C-4E73-9063-394454C33180"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbr40_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"15778CDF-5D77-4178-B84B-9A91E35E2412"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*","matchCriteriaId":"A9E20E59-2B1E-4E43-A494-2C20FD716D4F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbr50_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"535174DB-D7E6-4964-BE0E-9BEA638E45BE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*","matchCriteriaId":"B2CAEA32-6934-4743-9E6B-22D52AC5E7F8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbs10_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4FEC97E0-ECCF-4DE6-8DC8-5A78F58D1351"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*","matchCriteriaId":"32BAB5C0-F645-4A90-833F-6345335FA1AF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbs20_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5D019513-B218-437B-98EC-9334C6663565"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*","matchCriteriaId":"14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbs350_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.4.2.1","matchCriteriaId":"430293AC-D18D-4637-9F0D-7DB974028E21"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbs350:-:*:*:*:*:*:*:*","matchCriteriaId":"D69C0384-012F-4F3C-B5B2-EE2087C8187D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbs40_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4BCB7662-27C5-431B-ADE1-3136CA099AE0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*","matchCriteriaId":"6FDCDE39-0355-43B9-BF57-F3718DA2988D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rbs50_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6C60BE75-A649-4467-9B4B-B02CB7012651"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*","matchCriteriaId":"3BCFD959-D522-4FA0-AD01-2937DAEE1EDF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.3.3.136","matchCriteriaId":"EF2AD46C-008C-44DB-BD26-81D4D105AA82"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*","matchCriteriaId":"66B9CE4D-D1EC-4F55-8226-D159CF5F3AB6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.3.3.136","matchCriteriaId":"49069C22-B604-42A2-BF3E-75D90DF565D3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*","matchCriteriaId":"9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C"}]}]}],"references":[{"url":"https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Patch","Vendor Advisory"]},{"url":"https://www.netgear.com/support/product/lbr1020/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/lbr20/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/r6700ax/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/r7800/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/r9000/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax10/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax120/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax120v2/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax36s/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax70/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rax78/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbr10/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbr20/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbr350/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbr40/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbr50/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbs10/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbs20/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbs350/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbs40/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/rbs50/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/xr450/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/xr500/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-9213","sourceIdentifier":"a2826606-91e7-4eb6-899e-8484bd4575d5","published":"2026-06-09T17:17:51.733","lastModified":"2026-06-18T14:57:33.357","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper with traffic between the router and the Internet, to execute code on the device."}],"affected":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","affectedData":[{"vendor":"NETGEAR","product":"MR70","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.4.48","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"MS70","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.4.48","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"RAXE500","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.2.14.114","versionType":"custom","status":"affected"}]},{"vendor":"NETGEAR","product":"XR1000","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V1.0.2.86","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T00:00:00+00:00","id":"CVE-2026-9213","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"a2826606-91e7-4eb6-899e-8484bd4575d5","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:mr70_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.4.48","matchCriteriaId":"335BE717-7B38-4BDB-8F43-3B62A1059CCE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:mr70:-:*:*:*:*:*:*:*","matchCriteriaId":"34070FFE-F407-40FD-AACE-5C96F3055799"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:ms70_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.4.48","matchCriteriaId":"88C2B2F9-6C25-4CB4-8F94-7EE18EF65D94"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:ms70:-:*:*:*:*:*:*:*","matchCriteriaId":"D8D33A91-19BD-4901-9DDF-A1A06E8E2B53"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:raxe500_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.14.114","matchCriteriaId":"B75B005E-469A-4AB4-A0F5-D0067D66FFA3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:raxe500:-:*:*:*:*:*:*:*","matchCriteriaId":"6D23ADF0-05B4-4163-9666-3F470FB19E01"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.2.86","matchCriteriaId":"74735961-DBE3-424F-B147-682E5C478C7F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*","matchCriteriaId":"4FD4ED11-4130-47DA-8A9D-55B8F6E3E213"}]}]}],"references":[{"url":"https://kb.netgear.com/000070811/June-2026-NETGEAR-Security-Advisory","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Vendor Advisory"]},{"url":"https://www.netgear.com/support/product/mr70/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/ms70/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/raxe500/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]},{"url":"https://www.netgear.com/support/product/xr1000/","source":"a2826606-91e7-4eb6-899e-8484bd4575d5","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-9741","sourceIdentifier":"cna@mongodb.com","published":"2026-06-09T23:17:03.583","lastModified":"2026-06-18T14:32:35.830","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A bug in query analysis processing of the $vectorSearch aggregation stage for Queryable Encryption (QE) or Client-Side Field Level Encryption (CSFLE)  results in literal values for encrypted fields within the $vectorSearch stage filter expressions to be sent to the server as plaintext instead of ciphertext."}],"affected":[{"source":"cna@mongodb.com","affectedData":[{"vendor":"MongoDB","product":"MongoDB Server","defaultStatus":"unaffected","versions":[{"version":"8.3.0","lessThan":"8.3.3","versionType":"custom","status":"affected"},{"version":"8.2.0","lessThan":"8.2.10","versionType":"custom","status":"affected"},{"version":"8.0.0","lessThan":"8.0.24","versionType":"custom","status":"affected"},{"version":"7.0.0","lessThan":"7.0.35","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@mongodb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@mongodb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T13:21:22.665880Z","id":"CVE-2026-9741","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@mongodb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-319"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.35","matchCriteriaId":"4A597EDD-7227-4462-9742-EC211F3D3043"},{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0","versionEndExcluding":"8.0.24","matchCriteriaId":"2769E44F-AA84-4942-BC40-AEA0E84BFBA5"},{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*","versionStartIncluding":"8.2.0","versionEndExcluding":"8.2.10","matchCriteriaId":"F3BDF7B8-82C8-4F03-9614-6FD73582D174"},{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*","versionStartIncluding":"8.3.0","versionEndExcluding":"8.3.3","matchCriteriaId":"565AB85D-0F4A-4ED3-B951-7949D7AB85A6"}]}]}],"references":[{"url":"https://jira.mongodb.org/browse/SERVER-123507","source":"cna@mongodb.com","tags":["Patch","Vendor Advisory","Issue Tracking"]}]}},{"cve":{"id":"CVE-2026-9742","sourceIdentifier":"cna@mongodb.com","published":"2026-06-09T23:17:03.727","lastModified":"2026-06-18T14:34:08.957","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When OIDC authentication is enabled in configuration, clients may set specific values in the \"mechanism\" parameter of the \"authenticate\" command that lead to server crash. The authenticate command is accessible to unauthenticated clients, leading to pre-auth denial-of-service in affected product configurations."}],"affected":[{"source":"cna@mongodb.com","affectedData":[{"vendor":"MongoDB","product":"MongoDB Server","defaultStatus":"unaffected","versions":[{"version":"8.3.0","lessThan":"8.3.3","versionType":"custom","status":"affected"},{"version":"8.2.0","lessThan":"8.2.10","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@mongodb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@mongodb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T13:21:56.386451Z","id":"CVE-2026-9742","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@mongodb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*","versionStartIncluding":"8.2.0","versionEndExcluding":"8.2.10","matchCriteriaId":"BF13D90A-C5F8-4199-B914-0E67E160BFAB"},{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*","versionStartIncluding":"8.3.0","versionEndExcluding":"8.3.3","matchCriteriaId":"56EC12EE-0326-44DA-8BEA-EBCD528FE886"}]}]}],"references":[{"url":"https://jira.mongodb.org/browse/SERVER-124183","source":"cna@mongodb.com","tags":["Patch","Vendor Advisory","Issue Tracking"]}]}},{"cve":{"id":"CVE-2026-9746","sourceIdentifier":"cna@mongodb.com","published":"2026-06-09T23:17:03.980","lastModified":"2026-06-18T14:39:42.693","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When using $changestreams and $_requestReshardingResumeToken with the exchange option the server hits an invariant which causes the server to crash. There are no special privileges needed. The user must be logged in to issue the statement."}],"affected":[{"source":"cna@mongodb.com","affectedData":[{"vendor":"MongoDB","product":"MongoDB Server","defaultStatus":"unaffected","versions":[{"version":"8.3.0","lessThan":"8.3.3","versionType":"custom","status":"affected"},{"version":"8.2.0","lessThan":"8.2.10","versionType":"custom","status":"affected"},{"version":"8.0.0","lessThan":"8.0.24","versionType":"custom","status":"affected"},{"version":"7.0.0","lessThan":"7.0.35","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@mongodb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@mongodb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T13:22:26.960784Z","id":"CVE-2026-9746","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@mongodb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-617"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.35","matchCriteriaId":"5E18B14E-2313-48F8-B01A-EE5B6FCB2454"},{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*","versionStartIncluding":"8.0.0","versionEndExcluding":"8.0.24","matchCriteriaId":"6E432AA0-551E-40F1-B3D9-F0855A0EA3BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*","versionStartIncluding":"8.2.0","versionEndExcluding":"8.2.10","matchCriteriaId":"BF13D90A-C5F8-4199-B914-0E67E160BFAB"},{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*","versionStartIncluding":"8.3.0","versionEndExcluding":"8.3.3","matchCriteriaId":"56EC12EE-0326-44DA-8BEA-EBCD528FE886"}]}]}],"references":[{"url":"https://jira.mongodb.org/browse/SERVER-124190","source":"cna@mongodb.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-9749","sourceIdentifier":"cna@mongodb.com","published":"2026-06-09T23:17:04.380","lastModified":"2026-06-18T14:39:50.000","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"This issue can occur when running an aggregation pipeline that uses the internal $exchange stage configured with key-range partitioning and order-preserving delivery. If a single key range produces enough documents to fill its exchange buffer (that is, many results are routed to the same consumer), the server reaches the code path where a full per-consumer buffer is detected but the internal \"high watermark\" for that key range is not updated as intended."}],"affected":[{"source":"cna@mongodb.com","affectedData":[{"vendor":"MongoDB","product":"MongoDB Server","defaultStatus":"unaffected","versions":[{"version":"8.3.0","lessThan":"8.3.3","versionType":"semver","status":"affected"},{"version":"8.2.0","lessThan":"8.2.10","versionType":"semver","status":"affected"},{"version":"8.0.0","lessThan":"8.0.24","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThan":"7.0.35","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@mongodb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@mongodb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T13:32:40.481074Z","id":"CVE-2026-9749","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@mongodb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-617"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.35","matchCriteriaId":"5E18B14E-2313-48F8-B01A-EE5B6FCB2454"},{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*","versionStartIncluding":"8.0.0","versionEndExcluding":"8.0.24","matchCriteriaId":"6E432AA0-551E-40F1-B3D9-F0855A0EA3BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*","versionStartIncluding":"8.2.0","versionEndExcluding":"8.2.10","matchCriteriaId":"BF13D90A-C5F8-4199-B914-0E67E160BFAB"},{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*","versionStartIncluding":"8.3.0","versionEndExcluding":"8.3.3","matchCriteriaId":"56EC12EE-0326-44DA-8BEA-EBCD528FE886"}]}]}],"references":[{"url":"https://jira.mongodb.org/browse/SERVER-124031","source":"cna@mongodb.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-9752","sourceIdentifier":"cna@mongodb.com","published":"2026-06-09T23:17:04.770","lastModified":"2026-06-18T14:39:55.820","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An authorized user could trigger a server crash by running a query with a 2dsphere index on a field that stores a GeoJSON GeometryCollection containing a Polygon with a strict-winding CRS.\n\nStrict-winding polygons are intentionally unsupported for indexing, but the guard that rejects them does not inspect members of a GeometryCollection, allowing the unsafe path to be reached which ends with an ensuing null-pointer dereference."}],"affected":[{"source":"cna@mongodb.com","affectedData":[{"vendor":"MongoDB","product":"MongoDB Server","defaultStatus":"unaffected","versions":[{"version":"8.3.0","lessThan":"8.3.3","versionType":"semver","status":"affected"},{"version":"8.2.0","lessThan":"8.2.10","versionType":"semver","status":"affected"},{"version":"8.0.0","lessThan":"8.0.24","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThan":"7.0.35","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@mongodb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@mongodb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T18:30:16.279119Z","id":"CVE-2026-9752","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@mongodb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.35","matchCriteriaId":"5E18B14E-2313-48F8-B01A-EE5B6FCB2454"},{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*","versionStartIncluding":"8.0.0","versionEndExcluding":"8.0.24","matchCriteriaId":"6E432AA0-551E-40F1-B3D9-F0855A0EA3BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*","versionStartIncluding":"8.2.0","versionEndExcluding":"8.2.10","matchCriteriaId":"BF13D90A-C5F8-4199-B914-0E67E160BFAB"},{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*","versionStartIncluding":"8.3.0","versionEndExcluding":"8.3.3","matchCriteriaId":"56EC12EE-0326-44DA-8BEA-EBCD528FE886"}]}]}],"references":[{"url":"https://jira.mongodb.org/browse/SERVER-123440","source":"cna@mongodb.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-9753","sourceIdentifier":"cna@mongodb.com","published":"2026-06-09T23:17:04.897","lastModified":"2026-06-18T14:40:06.343","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The $_internalApplyOplogUpdate aggregation pipeline stage can be used to execute a document diff containing a malformed binary diff to return memory out-of-bounds or crash the server. $_internalApplyOplogUpdate can be executed by any authenticated user with access to the aggregate command."}],"affected":[{"source":"cna@mongodb.com","affectedData":[{"vendor":"MongoDB","product":"MongoDB Server","defaultStatus":"unaffected","versions":[{"version":"8.3.0","lessThan":"8.3.3","versionType":"semver","status":"affected"},{"version":"8.2.0","lessThan":"8.2.10","versionType":"semver","status":"affected"},{"version":"8.0.0","lessThan":"8.0.24","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThan":"7.0.35","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@mongodb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@mongodb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T18:52:57.027756Z","id":"CVE-2026-9753","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@mongodb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1287"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*","versionEndExcluding":"7.0.35","matchCriteriaId":"F6902137-E0F7-46DC-B493-02C9B2B99457"},{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*","versionStartIncluding":"8.0.0","versionEndExcluding":"8.0.24","matchCriteriaId":"6E432AA0-551E-40F1-B3D9-F0855A0EA3BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*","versionStartIncluding":"8.2.0","versionEndExcluding":"8.2.10","matchCriteriaId":"BF13D90A-C5F8-4199-B914-0E67E160BFAB"},{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*","versionStartIncluding":"8.3.0","versionEndExcluding":"8.3.3","matchCriteriaId":"56EC12EE-0326-44DA-8BEA-EBCD528FE886"}]}]}],"references":[{"url":"https://jira.mongodb.org/browse/SERVER-124959","source":"cna@mongodb.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-9754","sourceIdentifier":"cna@mongodb.com","published":"2026-06-09T23:17:05.023","lastModified":"2026-06-18T15:18:17.000","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command"}],"affected":[{"source":"cna@mongodb.com","affectedData":[{"vendor":"MongoDB","product":"MongoDB","defaultStatus":"unaffected","versions":[{"version":"8.3.0","lessThan":"8.3.3","versionType":"semver","status":"affected"},{"version":"8.2.0","lessThan":"8.2.10","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@mongodb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@mongodb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T18:29:32.795310Z","id":"CVE-2026-9754","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@mongodb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-457"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*","versionStartIncluding":"8.2.0","versionEndExcluding":"8.2.10","matchCriteriaId":"BF13D90A-C5F8-4199-B914-0E67E160BFAB"},{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*","versionStartIncluding":"8.3.0","versionEndExcluding":"8.3.3","matchCriteriaId":"56EC12EE-0326-44DA-8BEA-EBCD528FE886"}]}]}],"references":[{"url":"https://jira.mongodb.org/browse/SERVER-122207","source":"cna@mongodb.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-3433","sourceIdentifier":"responsibledisclosure@mattermost.com","published":"2026-06-12T17:16:22.467","lastModified":"2026-06-18T14:31:31.480","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 fail to restrict role_updated websocket event broadcasts to members of the affected team or channel which allows an authenticated attacker with guest-level access to observe permission scheme change notifications for private teams they are not a member of via the websocket connection.. Mattermost Advisory ID: MMSA-2026-00616"}],"affected":[{"source":"responsibledisclosure@mattermost.com","affectedData":[{"vendor":"Mattermost","product":"Mattermost","defaultStatus":"unaffected","versions":[{"version":"11.6.0","lessThanOrEqual":"11.6.1","versionType":"semver","status":"affected"},{"version":"11.5.0","lessThanOrEqual":"11.5.4","versionType":"semver","status":"affected"},{"version":"10.11.0","lessThanOrEqual":"10.11.15","versionType":"semver","status":"affected"},{"version":"10.11.0","lessThanOrEqual":"10.11.16","versionType":"semver","status":"affected"},{"version":"11.7.0","status":"unaffected"},{"version":"11.6.2","status":"unaffected"},{"version":"11.5.5","status":"unaffected"},{"version":"10.11.16","status":"unaffected"},{"version":"10.11.17","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-12T17:19:43.952848Z","id":"CVE-2026-3433","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"10.11.0","versionEndExcluding":"10.11.17","matchCriteriaId":"F9018E52-5C7F-4E59-B637-604B8EECD974"},{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"11.5.0","versionEndExcluding":"11.5.5","matchCriteriaId":"DF287562-A912-43DD-8FAC-0CD8EC7BEF7E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"11.6.0","versionEndExcluding":"11.6.2","matchCriteriaId":"AFCFC389-02A5-45CD-8EEB-9ED208C0EE83"}]}]}],"references":[{"url":"https://mattermost.com/security-updates","source":"responsibledisclosure@mattermost.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-6046","sourceIdentifier":"responsibledisclosure@mattermost.com","published":"2026-06-12T17:16:26.957","lastModified":"2026-06-18T14:33:35.203","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 fail to validate that a username returned during bot registration belongs to a bot account, which allows an unprivileged attacker to intercept private messages sent by plugins via direct message channels by pre-registering a user account with a predictable plugin bot username.. Mattermost Advisory ID: MMSA-2026-00649"}],"affected":[{"source":"responsibledisclosure@mattermost.com","affectedData":[{"vendor":"Mattermost","product":"Mattermost","defaultStatus":"unaffected","versions":[{"version":"11.6.0","lessThanOrEqual":"11.6.1","versionType":"semver","status":"affected"},{"version":"11.5.0","lessThanOrEqual":"11.5.4","versionType":"semver","status":"affected"},{"version":"10.11.0","lessThanOrEqual":"10.11.15","versionType":"semver","status":"affected"},{"version":"10.11.0","lessThanOrEqual":"10.11.16","versionType":"semver","status":"affected"},{"version":"11.7.0","status":"unaffected"},{"version":"11.6.2","status":"unaffected"},{"version":"11.5.5","status":"unaffected"},{"version":"10.11.16","status":"unaffected"},{"version":"10.11.17","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-12T17:18:25.567701Z","id":"CVE-2026-6046","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"10.11.0","versionEndExcluding":"10.11.17","matchCriteriaId":"F9018E52-5C7F-4E59-B637-604B8EECD974"},{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"11.5.0","versionEndExcluding":"11.5.5","matchCriteriaId":"DF287562-A912-43DD-8FAC-0CD8EC7BEF7E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"11.6.0","versionEndExcluding":"11.6.2","matchCriteriaId":"AFCFC389-02A5-45CD-8EEB-9ED208C0EE83"}]}]}],"references":[{"url":"https://mattermost.com/security-updates","source":"responsibledisclosure@mattermost.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-6689","sourceIdentifier":"responsibledisclosure@mattermost.com","published":"2026-06-12T17:16:27.180","lastModified":"2026-06-18T14:34:19.950","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 Fail to enforce PermissionInviteUser when setting AllowOpenInvite or AllowedDomains during team creation (the check was only applied on update/patch), which allows an authenticated user holding PermissionCreateTeam but not PermissionInviteUser on the resulting team to configure invite-controlled team settings (make the team publicly joinable via open invite and/or constrain membership via allowed domains) that they are not permitted to set on an existing team via POST /api/v4/teams with allow_open_invite: true and/or a non-empty allowed_domains in the request body.. Mattermost Advisory ID: MMSA-2026-00655"}],"affected":[{"source":"responsibledisclosure@mattermost.com","affectedData":[{"vendor":"Mattermost","product":"Mattermost","defaultStatus":"unaffected","versions":[{"version":"11.6.0","lessThanOrEqual":"11.6.1","versionType":"semver","status":"affected"},{"version":"11.5.0","lessThanOrEqual":"11.5.4","versionType":"semver","status":"affected"},{"version":"10.11.0","lessThanOrEqual":"10.11.15","versionType":"semver","status":"affected"},{"version":"10.11.0","lessThanOrEqual":"10.11.16","versionType":"semver","status":"affected"},{"version":"11.7.0","status":"unaffected"},{"version":"11.6.2","status":"unaffected"},{"version":"11.5.5","status":"unaffected"},{"version":"10.11.16","status":"unaffected"},{"version":"10.11.17","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-12T17:18:46.355666Z","id":"CVE-2026-6689","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"10.11.0","versionEndExcluding":"10.11.17","matchCriteriaId":"F9018E52-5C7F-4E59-B637-604B8EECD974"},{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"11.5.0","versionEndExcluding":"11.5.5","matchCriteriaId":"DF287562-A912-43DD-8FAC-0CD8EC7BEF7E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"11.6.0","versionEndExcluding":"11.6.2","matchCriteriaId":"AFCFC389-02A5-45CD-8EEB-9ED208C0EE83"}]}]}],"references":[{"url":"https://mattermost.com/security-updates","source":"responsibledisclosure@mattermost.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-6739","sourceIdentifier":"responsibledisclosure@mattermost.com","published":"2026-06-12T17:16:27.290","lastModified":"2026-06-18T14:35:51.673","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 fail to require system-level permission when patching protected default system roles, which allows authenticated users with delegated user-management permissions to escalate privileges by altering built-in role permissions via the role patch API.. Mattermost Advisory ID: MMSA-2026-00656"}],"affected":[{"source":"responsibledisclosure@mattermost.com","affectedData":[{"vendor":"Mattermost","product":"Mattermost","defaultStatus":"unaffected","versions":[{"version":"11.6.0","lessThanOrEqual":"11.6.1","versionType":"semver","status":"affected"},{"version":"11.5.0","lessThanOrEqual":"11.5.4","versionType":"semver","status":"affected"},{"version":"10.11.0","lessThanOrEqual":"10.11.15","versionType":"semver","status":"affected"},{"version":"10.11.0","lessThanOrEqual":"10.11.16","versionType":"semver","status":"affected"},{"version":"11.7.0","status":"unaffected"},{"version":"11.6.2","status":"unaffected"},{"version":"11.5.5","status":"unaffected"},{"version":"10.11.16","status":"unaffected"},{"version":"10.11.17","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":1.2,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-12T00:00:00+00:00","id":"CVE-2026-6739","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"10.11.0","versionEndExcluding":"10.11.17","matchCriteriaId":"F9018E52-5C7F-4E59-B637-604B8EECD974"},{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"11.5.0","versionEndExcluding":"11.5.5","matchCriteriaId":"DF287562-A912-43DD-8FAC-0CD8EC7BEF7E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"11.6.0","versionEndExcluding":"11.6.2","matchCriteriaId":"AFCFC389-02A5-45CD-8EEB-9ED208C0EE83"}]}]}],"references":[{"url":"https://mattermost.com/security-updates","source":"responsibledisclosure@mattermost.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-6961","sourceIdentifier":"responsibledisclosure@mattermost.com","published":"2026-06-12T17:16:27.410","lastModified":"2026-06-18T14:40:29.493","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 Mattermost fails to sanitize FileInfo.Name received from federated peers during shared channel file sync, which allows an attacker who controls a federated server to write files to arbitrary locations within the target server's filestore via path traversal sequences in the filename field.. Mattermost Advisory ID: MMSA-2026-00661"}],"affected":[{"source":"responsibledisclosure@mattermost.com","affectedData":[{"vendor":"Mattermost","product":"Mattermost","defaultStatus":"unaffected","versions":[{"version":"11.6.0","lessThanOrEqual":"11.6.1","versionType":"semver","status":"affected"},{"version":"11.5.0","lessThanOrEqual":"11.5.4","versionType":"semver","status":"affected"},{"version":"10.11.0","lessThanOrEqual":"10.11.15","versionType":"semver","status":"affected"},{"version":"10.11.0","lessThanOrEqual":"10.11.16","versionType":"semver","status":"affected"},{"version":"11.7.0","status":"unaffected"},{"version":"11.6.2","status":"unaffected"},{"version":"11.5.5","status":"unaffected"},{"version":"10.11.16","status":"unaffected"},{"version":"10.11.17","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:L","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.3,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-13T03:56:08.575775Z","id":"CVE-2026-6961","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"10.11.0","versionEndExcluding":"10.11.17","matchCriteriaId":"F9018E52-5C7F-4E59-B637-604B8EECD974"},{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"11.5.0","versionEndExcluding":"11.5.5","matchCriteriaId":"DF287562-A912-43DD-8FAC-0CD8EC7BEF7E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"11.6.0","versionEndExcluding":"11.6.2","matchCriteriaId":"AFCFC389-02A5-45CD-8EEB-9ED208C0EE83"}]}]}],"references":[{"url":"https://mattermost.com/security-updates","source":"responsibledisclosure@mattermost.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-7184","sourceIdentifier":"responsibledisclosure@mattermost.com","published":"2026-06-12T17:16:27.530","lastModified":"2026-06-18T14:45:24.513","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15 fail to sanitize the Remote Cluster API response on PATCH operations, which allows authenticated users with the {{manage_secure_connections}} permission to obtain remote cluster authentication tokens via a PATCH request to the remote cluster endpoint.. Mattermost Advisory ID: MMSA-2026-00662"}],"affected":[{"source":"responsibledisclosure@mattermost.com","affectedData":[{"vendor":"Mattermost","product":"Mattermost","defaultStatus":"unaffected","versions":[{"version":"11.6.0","lessThanOrEqual":"11.6.1","versionType":"semver","status":"affected"},{"version":"11.5.0","lessThanOrEqual":"11.5.4","versionType":"semver","status":"affected"},{"version":"10.11.0","lessThanOrEqual":"10.11.15","versionType":"semver","status":"affected"},{"version":"11.7.0","status":"unaffected"},{"version":"11.6.2","status":"unaffected"},{"version":"11.5.5","status":"unaffected"},{"version":"10.11.17","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-12T17:19:06.393567Z","id":"CVE-2026-7184","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","description":[{"lang":"en","value":"CWE-201"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"10.11.0","versionEndExcluding":"10.11.17","matchCriteriaId":"F9018E52-5C7F-4E59-B637-604B8EECD974"},{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"11.5.0","versionEndExcluding":"11.5.5","matchCriteriaId":"DF287562-A912-43DD-8FAC-0CD8EC7BEF7E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"11.6.0","versionEndExcluding":"11.6.2","matchCriteriaId":"AFCFC389-02A5-45CD-8EEB-9ED208C0EE83"}]}]}],"references":[{"url":"https://mattermost.com/security-updates","source":"responsibledisclosure@mattermost.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-7387","sourceIdentifier":"responsibledisclosure@mattermost.com","published":"2026-06-12T17:16:27.653","lastModified":"2026-06-18T14:46:51.063","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 Mattermost fails to require role-management authorization when setting the scheme_admin flag on group syncable link and patch endpoints, which allows a user with group-link permissions to escalate themselves and group members to team or channel admin via crafted API requests.. Mattermost Advisory ID: MMSA-2026-00665"}],"affected":[{"source":"responsibledisclosure@mattermost.com","affectedData":[{"vendor":"Mattermost","product":"Mattermost","defaultStatus":"unaffected","versions":[{"version":"11.6.0","lessThanOrEqual":"11.6.1","versionType":"semver","status":"affected"},{"version":"11.5.0","lessThanOrEqual":"11.5.4","versionType":"semver","status":"affected"},{"version":"10.11.0","lessThanOrEqual":"10.11.15","versionType":"semver","status":"affected"},{"version":"10.11.0","lessThanOrEqual":"10.11.16","versionType":"semver","status":"affected"},{"version":"11.7.0","status":"unaffected"},{"version":"11.6.2","status":"unaffected"},{"version":"11.5.5","status":"unaffected"},{"version":"10.11.16","status":"unaffected"},{"version":"10.11.17","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-12T00:00:00+00:00","id":"CVE-2026-7387","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"10.11.0","versionEndExcluding":"10.11.17","matchCriteriaId":"F9018E52-5C7F-4E59-B637-604B8EECD974"},{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"11.5.0","versionEndExcluding":"11.5.5","matchCriteriaId":"DF287562-A912-43DD-8FAC-0CD8EC7BEF7E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"11.6.0","versionEndExcluding":"11.6.2","matchCriteriaId":"AFCFC389-02A5-45CD-8EEB-9ED208C0EE83"}]}]}],"references":[{"url":"https://mattermost.com/security-updates","source":"responsibledisclosure@mattermost.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-47965","sourceIdentifier":"psirt@adobe.com","published":"2026-06-12T18:16:34.913","lastModified":"2026-06-18T18:33:39.710","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."}],"affected":[{"source":"psirt@adobe.com","affectedData":[{"vendor":"Adobe","product":"Acrobat Reader","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"26.001.21651","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-15T00:00:00+00:00","id":"CVE-2026-47965","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@adobe.com","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*","versionStartIncluding":"24.0.0","versionEndExcluding":"24.001.30365","matchCriteriaId":"7E334D1F-0A7E-45F0-AE1C-AE3F38647E17"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*","versionStartIncluding":"15.008.20082","versionEndExcluding":"26.001.21651","matchCriteriaId":"447C3CAD-7BA3-4F02-AC85-D6A37E9A7678"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*","versionStartIncluding":"15.008.20082","versionEndExcluding":"26.001.21651","matchCriteriaId":"3737201F-4DEF-4C3F-A295-B7C06D5C9EC4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://helpx.adobe.com/security/products/acrobat/apsb26-63.html","source":"psirt@adobe.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48714","sourceIdentifier":"security-advisories@github.com","published":"2026-06-15T22:16:17.550","lastModified":"2026-06-18T15:21:06.997","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"i18next-http-middleware is a middleware to be used with Node.js web frameworks like express or Fastify and also for Deno. In versions prior to 3.9.7, the missingKeyHandler blocked the literal request-body keys __proto__, constructor, and prototype (added in 3.9.3, see GHSA-5fgg-jcpf-8jjw), but did not reject dotted variants such as \"__proto__.polluted\". Downstream backends that split the missing-key string on a configured keySeparator (notably i18next-fs-backend ≤ 2.6.5) hand these keys to an unguarded setPath() walker that writes to Object.prototype. Applications that expose missingKeyHandler to untrusted input AND use i18next-fs-backend ≤ 2.6.5 are directly exploitable for remote prototype pollution. Other downstream backends that split the missing-key string the same way may be similarly affected. Depending on the host application, polluted prototype properties may cause crashes, corrupted translation behaviour, configuration poisoning, or bypasses of property-based security checks. This issue has been fixed in version 3.9.7.  If developers cannot upgrade immediately, they should do the following: do not expose missingKeyHandler to untrusted users (mount it behind authentication, or remove the route), add a request-body filter ahead of the handler that rejects any top-level key containing __proto__, constructor, or prototype after splitting on their configured keySeparator, and disable missing-key persistence (saveMissing: false) when accepting writes from untrusted input."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"i18next","product":"i18next-http-middleware","versions":[{"version":"< 3.9.7","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T14:50:19.973996Z","id":"CVE-2026-48714","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1321"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:i18next:i18next-http-middleware:*:*:*:*:*:node.js:*:*","versionEndExcluding":"3.9.7","matchCriteriaId":"F932DB43-4983-4026-A91F-ED2B9FCEC383"}]}]}],"references":[{"url":"https://github.com/i18next/i18next-http-middleware/commit/7c6d26f137d3e940b8d229ca148bca38845faf49","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/i18next/i18next-http-middleware/security/advisories/GHSA-f49m-vf83-692w","source":"security-advisories@github.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-9258","sourceIdentifier":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","published":"2026-06-16T00:16:35.460","lastModified":"2026-06-18T17:08:16.017","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier"}],"affected":[{"source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","affectedData":[{"vendor":"Canon Inc.","product":"EOS Network Setting Tool for Windows","defaultStatus":"unaffected","versions":[{"version":"1.5.0 or earlier","status":"affected"}]},{"vendor":"Canon Inc.","product":"EOS Network Setting Tool for macOS","defaultStatus":"unaffected","versions":[{"version":"1.5.0 or earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T12:47:09.464807Z","id":"CVE-2026-9258","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:canon:eos_network_setting_tool:*:*:*:*:*:*:*:*","versionEndExcluding":"1.5.1","matchCriteriaId":"7B28E514-67C6-4CCF-83C8-2E43A2780C43"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://canon.jp/support/support-info/260615vulnerability-response","source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","tags":["Vendor Advisory"]},{"url":"https://psirt.canon/advisory-information/cp2026-005/","source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","tags":["Vendor Advisory"]},{"url":"https://www.canon-europe.com/support/product-security/","source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","tags":["Vendor Advisory"]},{"url":"https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool","source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-9259","sourceIdentifier":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","published":"2026-06-16T00:16:35.623","lastModified":"2026-06-18T17:08:27.743","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier"}],"affected":[{"source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","affectedData":[{"vendor":"Canon Inc.","product":"EOS Network Setting Tool for Windows","defaultStatus":"unaffected","versions":[{"version":"1.5.0 or earlier","status":"affected"}]},{"vendor":"Canon Inc.","product":"EOS Network Setting Tool for macOS","defaultStatus":"unaffected","versions":[{"version":"1.5.0 or earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T12:43:13.289990Z","id":"CVE-2026-9259","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:canon:eos_network_setting_tool:*:*:*:*:*:*:*:*","versionEndExcluding":"1.5.1","matchCriteriaId":"7B28E514-67C6-4CCF-83C8-2E43A2780C43"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://canon.jp/support/support-info/260615vulnerability-response","source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","tags":["Vendor Advisory"]},{"url":"https://psirt.canon/advisory-information/cp2026-005/","source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","tags":["Vendor Advisory"]},{"url":"https://www.canon-europe.com/support/product-security/","source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","tags":["Vendor Advisory"]},{"url":"https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool","source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-9260","sourceIdentifier":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","published":"2026-06-16T00:16:35.757","lastModified":"2026-06-18T17:09:16.013","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier"}],"affected":[{"source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","affectedData":[{"vendor":"Canon Inc.","product":"EOS Network Setting Tool for Windows","defaultStatus":"unaffected","versions":[{"version":"1.5.0 or earlier","status":"affected"}]},{"vendor":"Canon Inc.","product":"EOS Network Setting Tool for macOS","defaultStatus":"unaffected","versions":[{"version":"1.5.0 or earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":6.2,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.5,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T12:41:33.426171Z","id":"CVE-2026-9260","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","type":"Secondary","description":[{"lang":"en","value":"CWE-321"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:canon:eos_network_setting_tool:*:*:*:*:*:*:*:*","versionEndExcluding":"1.5.1","matchCriteriaId":"7B28E514-67C6-4CCF-83C8-2E43A2780C43"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://canon.jp/support/support-info/260615vulnerability-response","source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","tags":["Vendor Advisory"]},{"url":"https://psirt.canon/advisory-information/cp2026-005/","source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","tags":["Vendor Advisory"]},{"url":"https://www.canon-europe.com/support/product-security/","source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","tags":["Vendor Advisory"]},{"url":"https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool","source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-9261","sourceIdentifier":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","published":"2026-06-16T00:16:35.887","lastModified":"2026-06-18T17:08:39.190","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier"}],"affected":[{"source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","affectedData":[{"vendor":"Canon Inc.","product":"EOS Network Setting Tool for Windows","defaultStatus":"unaffected","versions":[{"version":"1.5.0 or earlier","status":"affected"}]},{"vendor":"Canon Inc.","product":"EOS Network Setting Tool for macOS","defaultStatus":"unaffected","versions":[{"version":"1.5.0 or earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-9261","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","type":"Secondary","description":[{"lang":"en","value":"CWE-327"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:canon:eos_network_setting_tool:*:*:*:*:*:*:*:*","versionEndExcluding":"1.5.1","matchCriteriaId":"7B28E514-67C6-4CCF-83C8-2E43A2780C43"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://canon.jp/support/support-info/260615vulnerability-response","source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","tags":["Vendor Advisory"]},{"url":"https://psirt.canon/advisory-information/cp2026-005/","source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","tags":["Vendor Advisory"]},{"url":"https://www.canon-europe.com/support/product-security/","source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","tags":["Vendor Advisory"]},{"url":"https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool","source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-9262","sourceIdentifier":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","published":"2026-06-16T00:16:36.020","lastModified":"2026-06-18T17:09:50.360","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use of a non-secure protocol as the default FTP configuration in Canon EOS Network Setting Tool Version 1.5.0 or earlier"}],"affected":[{"source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","affectedData":[{"vendor":"Canon Inc.","product":"EOS Network Setting Tool for Windows","defaultStatus":"unaffected","versions":[{"version":"1.5.0 or earlier","status":"affected"}]},{"vendor":"Canon Inc.","product":"EOS Network Setting Tool for macOS","defaultStatus":"unaffected","versions":[{"version":"1.5.0 or earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T15:01:20.368197Z","id":"CVE-2026-9262","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","type":"Secondary","description":[{"lang":"en","value":"CWE-1188"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:canon:eos_network_setting_tool:*:*:*:*:*:*:*:*","versionEndExcluding":"1.5.1","matchCriteriaId":"7B28E514-67C6-4CCF-83C8-2E43A2780C43"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://canon.jp/support/support-info/260615vulnerability-response","source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","tags":["Vendor Advisory"]},{"url":"https://psirt.canon/advisory-information/cp2026-005/","source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","tags":["Vendor Advisory"]},{"url":"https://www.canon-europe.com/support/product-security/","source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","tags":["Vendor Advisory"]},{"url":"https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool","source":"f98c90f0-e9bd-4fa7-911b-51993f3571fd","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-1764","sourceIdentifier":"patrick@puiterwijk.org","published":"2026-06-16T02:16:17.103","lastModified":"2026-06-18T18:27:31.003","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a missing bounds check in the `extract_performers_tags` function can lead to a heap buffer overflow. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by triggering a read of unmapped memory. In some cases, it could also lead to information disclosure by reading visible heap data."}],"affected":[{"source":"patrick@puiterwijk.org","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tracker-miners","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tracker-miners","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tracker-miners","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"patrick@puiterwijk.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H","baseScore":5.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T14:56:27.321271Z","id":"CVE-2026-1764","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"patrick@puiterwijk.org","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:localsearch:-:*:*:*:*:*:*:*","matchCriteriaId":"4B4D34AC-1B64-4427-86E3-C378F5B3453D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2026-1764","source":"patrick@puiterwijk.org","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2435980","source":"patrick@puiterwijk.org","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12300","sourceIdentifier":"security@mozilla.org","published":"2026-06-16T13:16:30.267","lastModified":"2026-06-18T19:16:20.277","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152."}],"affected":[{"source":"security@mozilla.org","affectedData":[{"vendor":"Mozilla","product":"Firefox","versions":[{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Mozilla","product":"Thunderbird","versions":[{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T17:26:03.760142Z","id":"CVE-2026-12300","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"26C07C15-4B40-4068-A2F1-BE3E597D14B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"77D88ED0-AABD-4312-98B8-3D4B70226577"}]}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1704114","source":"security@mozilla.org","tags":["Permissions Required"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-57/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-60/","source":"security@mozilla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12301","sourceIdentifier":"security@mozilla.org","published":"2026-06-16T13:16:30.363","lastModified":"2026-06-18T19:16:20.447","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152."}],"affected":[{"source":"security@mozilla.org","affectedData":[{"vendor":"Mozilla","product":"Firefox","versions":[{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Mozilla","product":"Thunderbird","versions":[{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T17:27:03.360766Z","id":"CVE-2026-12301","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"26C07C15-4B40-4068-A2F1-BE3E597D14B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"77D88ED0-AABD-4312-98B8-3D4B70226577"}]}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015647","source":"security@mozilla.org","tags":["Permissions Required"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-57/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-60/","source":"security@mozilla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12305","sourceIdentifier":"security@mozilla.org","published":"2026-06-16T13:16:30.743","lastModified":"2026-06-18T19:16:20.600","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12."}],"affected":[{"source":"security@mozilla.org","affectedData":[{"vendor":"Mozilla","product":"Firefox","versions":[{"version":"140.12","lessThanOrEqual":"140.*","versionType":"rpm","status":"unaffected"},{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Mozilla","product":"Thunderbird","versions":[{"version":"140.12","lessThanOrEqual":"140.*","versionType":"rpm","status":"unaffected"},{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T17:30:43.501798Z","id":"CVE-2026-12305","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*","versionEndExcluding":"140.12.0","matchCriteriaId":"8FD731FB-146D-4A0A-83A3-63D926F4E653"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"26C07C15-4B40-4068-A2F1-BE3E597D14B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:esr:*:*:*","versionEndExcluding":"140.12.0","matchCriteriaId":"767E6445-0CE7-46B5-A02B-EC06D37E45F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"77D88ED0-AABD-4312-98B8-3D4B70226577"}]}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2037290","source":"security@mozilla.org","tags":["Permissions Required"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-57/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-58/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-60/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-61/","source":"security@mozilla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12306","sourceIdentifier":"security@mozilla.org","published":"2026-06-16T13:16:30.833","lastModified":"2026-06-18T19:16:20.757","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12."}],"affected":[{"source":"security@mozilla.org","affectedData":[{"vendor":"Mozilla","product":"Firefox","versions":[{"version":"140.12","lessThanOrEqual":"140.*","versionType":"rpm","status":"unaffected"},{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Mozilla","product":"Thunderbird","versions":[{"version":"140.12","lessThanOrEqual":"140.*","versionType":"rpm","status":"unaffected"},{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T17:36:09.015688Z","id":"CVE-2026-12306","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*","versionEndExcluding":"140.12.0","matchCriteriaId":"8FD731FB-146D-4A0A-83A3-63D926F4E653"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"26C07C15-4B40-4068-A2F1-BE3E597D14B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:esr:*:*:*","versionEndExcluding":"140.12.0","matchCriteriaId":"767E6445-0CE7-46B5-A02B-EC06D37E45F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"77D88ED0-AABD-4312-98B8-3D4B70226577"}]}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2037323","source":"security@mozilla.org","tags":["Permissions Required"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-57/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-58/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-60/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-61/","source":"security@mozilla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12307","sourceIdentifier":"security@mozilla.org","published":"2026-06-16T13:16:30.933","lastModified":"2026-06-18T19:16:20.910","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12."}],"affected":[{"source":"security@mozilla.org","affectedData":[{"vendor":"Mozilla","product":"Firefox","versions":[{"version":"140.12","lessThanOrEqual":"140.*","versionType":"rpm","status":"unaffected"},{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Mozilla","product":"Thunderbird","versions":[{"version":"140.12","lessThanOrEqual":"140.*","versionType":"rpm","status":"unaffected"},{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T17:36:38.442081Z","id":"CVE-2026-12307","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*","versionEndExcluding":"140.12.0","matchCriteriaId":"8FD731FB-146D-4A0A-83A3-63D926F4E653"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"26C07C15-4B40-4068-A2F1-BE3E597D14B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:esr:*:*:*","versionEndExcluding":"140.12.0","matchCriteriaId":"767E6445-0CE7-46B5-A02B-EC06D37E45F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"77D88ED0-AABD-4312-98B8-3D4B70226577"}]}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2038133","source":"security@mozilla.org","tags":["Permissions Required"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-57/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-58/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-60/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-61/","source":"security@mozilla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12308","sourceIdentifier":"security@mozilla.org","published":"2026-06-16T13:16:31.053","lastModified":"2026-06-18T19:16:21.063","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12."}],"affected":[{"source":"security@mozilla.org","affectedData":[{"vendor":"Mozilla","product":"Firefox","versions":[{"version":"140.12","lessThanOrEqual":"140.*","versionType":"rpm","status":"unaffected"},{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Mozilla","product":"Thunderbird","versions":[{"version":"140.12","lessThanOrEqual":"140.*","versionType":"rpm","status":"unaffected"},{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T17:39:05.267849Z","id":"CVE-2026-12308","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*","versionEndExcluding":"140.12.0","matchCriteriaId":"8FD731FB-146D-4A0A-83A3-63D926F4E653"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"26C07C15-4B40-4068-A2F1-BE3E597D14B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:esr:*:*:*","versionEndExcluding":"140.12.0","matchCriteriaId":"767E6445-0CE7-46B5-A02B-EC06D37E45F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"77D88ED0-AABD-4312-98B8-3D4B70226577"}]}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2038302","source":"security@mozilla.org","tags":["Permissions Required"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-57/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-58/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-60/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-61/","source":"security@mozilla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12309","sourceIdentifier":"security@mozilla.org","published":"2026-06-16T13:16:31.180","lastModified":"2026-06-18T19:16:21.220","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12."}],"affected":[{"source":"security@mozilla.org","affectedData":[{"vendor":"Mozilla","product":"Firefox","versions":[{"version":"140.12","lessThanOrEqual":"140.*","versionType":"rpm","status":"unaffected"},{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Mozilla","product":"Thunderbird","versions":[{"version":"140.12","lessThanOrEqual":"140.*","versionType":"rpm","status":"unaffected"},{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T17:39:57.781816Z","id":"CVE-2026-12309","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*","versionEndExcluding":"140.12.0","matchCriteriaId":"8FD731FB-146D-4A0A-83A3-63D926F4E653"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"26C07C15-4B40-4068-A2F1-BE3E597D14B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:esr:*:*:*","versionEndExcluding":"140.12.0","matchCriteriaId":"767E6445-0CE7-46B5-A02B-EC06D37E45F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"77D88ED0-AABD-4312-98B8-3D4B70226577"}]}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2038476","source":"security@mozilla.org","tags":["Permissions Required"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-57/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-58/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-60/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-61/","source":"security@mozilla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12310","sourceIdentifier":"security@mozilla.org","published":"2026-06-16T13:16:31.380","lastModified":"2026-06-18T19:16:21.367","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12."}],"affected":[{"source":"security@mozilla.org","affectedData":[{"vendor":"Mozilla","product":"Firefox","versions":[{"version":"140.12","lessThanOrEqual":"140.*","versionType":"rpm","status":"unaffected"},{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Mozilla","product":"Thunderbird","versions":[{"version":"140.12","lessThanOrEqual":"140.*","versionType":"rpm","status":"unaffected"},{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T18:16:11.822831Z","id":"CVE-2026-12310","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-125"},{"lang":"en","value":"CWE-416"},{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*","versionEndExcluding":"140.12.0","matchCriteriaId":"8FD731FB-146D-4A0A-83A3-63D926F4E653"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"26C07C15-4B40-4068-A2F1-BE3E597D14B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:esr:*:*:*","versionEndExcluding":"140.12.0","matchCriteriaId":"767E6445-0CE7-46B5-A02B-EC06D37E45F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"77D88ED0-AABD-4312-98B8-3D4B70226577"}]}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2039707","source":"security@mozilla.org","tags":["Permissions Required"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-57/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-58/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-60/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-61/","source":"security@mozilla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12312","sourceIdentifier":"security@mozilla.org","published":"2026-06-16T13:16:31.810","lastModified":"2026-06-18T19:16:21.527","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12."}],"affected":[{"source":"security@mozilla.org","affectedData":[{"vendor":"Mozilla","product":"Firefox","versions":[{"version":"140.12","lessThanOrEqual":"140.*","versionType":"rpm","status":"unaffected"},{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Mozilla","product":"Thunderbird","versions":[{"version":"140.12","lessThanOrEqual":"140.*","versionType":"rpm","status":"unaffected"},{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T18:14:59.195099Z","id":"CVE-2026-12312","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*","versionEndExcluding":"140.12.0","matchCriteriaId":"8FD731FB-146D-4A0A-83A3-63D926F4E653"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"26C07C15-4B40-4068-A2F1-BE3E597D14B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:esr:*:*:*","versionEndExcluding":"140.12.0","matchCriteriaId":"767E6445-0CE7-46B5-A02B-EC06D37E45F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"77D88ED0-AABD-4312-98B8-3D4B70226577"}]}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2040383","source":"security@mozilla.org","tags":["Permissions Required"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-57/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-58/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-60/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-61/","source":"security@mozilla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12314","sourceIdentifier":"security@mozilla.org","published":"2026-06-16T13:16:32.037","lastModified":"2026-06-18T19:16:21.703","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12."}],"affected":[{"source":"security@mozilla.org","affectedData":[{"vendor":"Mozilla","product":"Firefox","versions":[{"version":"140.12","lessThanOrEqual":"140.*","versionType":"rpm","status":"unaffected"},{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Mozilla","product":"Thunderbird","versions":[{"version":"140.12","lessThanOrEqual":"140.*","versionType":"rpm","status":"unaffected"},{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T18:13:34.491842Z","id":"CVE-2026-12314","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-125"},{"lang":"en","value":"CWE-416"},{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*","versionEndExcluding":"140.12.0","matchCriteriaId":"8FD731FB-146D-4A0A-83A3-63D926F4E653"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"26C07C15-4B40-4068-A2F1-BE3E597D14B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:esr:*:*:*","versionEndExcluding":"140.12.0","matchCriteriaId":"767E6445-0CE7-46B5-A02B-EC06D37E45F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"77D88ED0-AABD-4312-98B8-3D4B70226577"}]}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2041856","source":"security@mozilla.org","tags":["Permissions Required"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-57/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-58/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-60/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-61/","source":"security@mozilla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12317","sourceIdentifier":"security@mozilla.org","published":"2026-06-16T13:16:32.350","lastModified":"2026-06-18T19:16:21.870","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152."}],"affected":[{"source":"security@mozilla.org","affectedData":[{"vendor":"Mozilla","product":"Firefox","versions":[{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Mozilla","product":"Thunderbird","versions":[{"version":"152","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T18:09:27.522888Z","id":"CVE-2026-12317","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"26C07C15-4B40-4068-A2F1-BE3E597D14B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:-:*:*:*","versionEndExcluding":"152.0.0","matchCriteriaId":"77D88ED0-AABD-4312-98B8-3D4B70226577"}]}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2007083","source":"security@mozilla.org","tags":["Permissions Required"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-57/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-60/","source":"security@mozilla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-53846","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-16T19:17:01.653","lastModified":"2026-06-18T16:16:55.723","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OpenClaw before 2026.4.29 contains a path traversal vulnerability in the install helper that allows workspace .env files to override the npm_execpath configuration used for bundled runtime dependency installation. Attackers with workspace access can execute unintended local package-manager executables during dependency setup to compromise the build environment."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"OpenClaw","product":"OpenClaw","defaultStatus":"unaffected","repo":"https://github.com/openclaw/openclaw","packageURL":"pkg:npm/openclaw","versions":[{"version":"0","lessThan":"2026.4.29","versionType":"semver","status":"affected"},{"version":"2026.4.29","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T03:55:49.608181Z","id":"CVE-2026-53846","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-426"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*","versionEndExcluding":"2026.4.29","matchCriteriaId":"FD093CBC-6B1F-481A-B12D-0E06B0F4FF8C"},{"vulnerable":true,"criteria":"cpe:2.3:a:openclaw:openclaw:2026.4.29:beta1:*:*:*:node.js:*:*","matchCriteriaId":"06F1B1BC-A38C-40D2-A66F-BFF44FCA096E"},{"vulnerable":true,"criteria":"cpe:2.3:a:openclaw:openclaw:2026.4.29:beta2:*:*:*:node.js:*:*","matchCriteriaId":"5253E817-4E8F-4936-B94E-432908CEF8CE"},{"vulnerable":true,"criteria":"cpe:2.3:a:openclaw:openclaw:2026.4.29:beta3:*:*:*:node.js:*:*","matchCriteriaId":"1969F355-06D5-4313-86C7-DD91EE58F7BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:openclaw:openclaw:2026.4.29:beta4:*:*:*:node.js:*:*","matchCriteriaId":"A5AC7CB7-6639-4F11-8A81-3A35D334C762"}]}]}],"references":[{"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-24vr-rprv-67rf","source":"disclosure@vulncheck.com","tags":["Vendor Advisory"]},{"url":"https://www.vulncheck.com/advisories/openclaw-arbitrary-package-manager-execution-via-workspace-env-npm-execpath","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-53854","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-16T19:17:02.780","lastModified":"2026-06-18T14:51:59.500","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OpenClaw before 2026.4.25 contains a privilege escalation vulnerability in internal and webchat command authentication that allows senders to inherit wildcard ownerAllowFrom state across channel boundaries. Attackers can exploit this by sending commands on affected internal or webchat paths to execute owner-style command behavior outside intended channel scope, potentially bypassing access controls."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"OpenClaw","product":"OpenClaw","defaultStatus":"unaffected","repo":"https://github.com/openclaw/openclaw","packageURL":"pkg:npm/openclaw","versions":[{"version":"0","lessThan":"2026.4.25","versionType":"semver","status":"affected"},{"version":"2026.4.25","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T19:34:17.237678Z","id":"CVE-2026-53854","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*","versionEndExcluding":"2026.4.25","matchCriteriaId":"A1C7E0A9-FE18-4FC0-B084-962ED0BC7EC6"}]}]}],"references":[{"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-4hpg-mp64-x7xq","source":"disclosure@vulncheck.com","tags":["Vendor Advisory"]},{"url":"https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-ownerallowfrom-wildcard-inheritance-in-internal-webchat-commands","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-53855","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-16T19:17:02.910","lastModified":"2026-06-18T14:51:00.267","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OpenClaw before 2026.4.2 contains an inline-eval bypass vulnerability allowing authenticated operators to weaken strict allowlist checks via shell positional parameters. Attackers can combine allowlisted tools with shell positional arguments to place inline-eval content in shell carriers outside intended allowlist rules, enabling execution of unapproved shell-provided content."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"OpenClaw","product":"OpenClaw","defaultStatus":"unaffected","repo":"https://github.com/openclaw/openclaw","packageURL":"pkg:npm/openclaw","versions":[{"version":"0","lessThan":"2026.4.2","versionType":"semver","status":"affected"},{"version":"2026.4.2","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-53855","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-184"},{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*","versionEndExcluding":"2026.4.2","matchCriteriaId":"9E93D9F1-C6FA-4AEE-AC8B-27CDEE77637C"}]}]}],"references":[{"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-5cj2-3jr2-5h77","source":"disclosure@vulncheck.com","tags":["Vendor Advisory"]},{"url":"https://www.vulncheck.com/advisories/openclaw-shell-positional-parameters-bypass-in-inline-eval-checks","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-53856","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-16T19:17:03.047","lastModified":"2026-06-18T14:52:52.637","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OpenClaw 2026.4.23 before 2026.4.24 contains an insecure file permissions vulnerability in config recovery that restores OpenClaw.json with overly broad permissions. Local attackers on shared hosts can read sensitive configuration data by exploiting the recovery path to access the restored config file."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"OpenClaw","product":"OpenClaw","defaultStatus":"unaffected","repo":"https://github.com/openclaw/openclaw","packageURL":"pkg:npm/openclaw","versions":[{"version":"2026.4.23","lessThan":"2026.4.24","versionType":"semver","status":"affected"},{"version":"2026.4.24","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T18:37:06.105936Z","id":"CVE-2026-53856","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openclaw:openclaw:2026.4.23:*:*:*:*:node.js:*:*","matchCriteriaId":"A57B4A51-3576-4BBC-BB49-DFB8024D1E06"}]}]}],"references":[{"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-rwp6-7w3q-75fq","source":"disclosure@vulncheck.com","tags":["Vendor Advisory"]},{"url":"https://www.vulncheck.com/advisories/openclaw-insecure-file-permissions-in-config-recovery-via-openclaw-json","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-53857","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-16T19:17:03.180","lastModified":"2026-06-18T14:44:41.247","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OpenClaw before 2026.5.3 contains a policy enforcement vulnerability where Zalo contacts with mutable display metadata could match allowFrom policy entries through display name changes. Attackers with mutable display names could receive agent responses intended for different Zalo identities when the feature is enabled."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"OpenClaw","product":"OpenClaw","defaultStatus":"unaffected","repo":"https://github.com/openclaw/openclaw","packageURL":"pkg:npm/openclaw","versions":[{"version":"0","lessThan":"2026.5.3","versionType":"semver","status":"affected"},{"version":"2026.5.3","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-53857","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-290"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*","versionEndExcluding":"2026.5.3","matchCriteriaId":"300DB64D-744E-4FE3-B0F2-2009752866C7"}]}]}],"references":[{"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-8c59-hr4w-qg69","source":"disclosure@vulncheck.com","tags":["Vendor Advisory"]},{"url":"https://www.vulncheck.com/advisories/openclaw-mutable-display-name-binding-in-zalo-allowfrom-policy","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-53858","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-16T19:17:03.310","lastModified":"2026-06-18T16:16:55.863","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OpenClaw before 2026.5.2 contains an environment variable injection vulnerability where workspace .env STATE_DIRECTORY could influence bundled runtime dependency roots. Attackers can manipulate the STATE_DIRECTORY variable to load runtime dependencies from unintended local paths, potentially executing malicious code during dependency resolution."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"OpenClaw","product":"OpenClaw","defaultStatus":"unaffected","repo":"https://github.com/openclaw/openclaw","packageURL":"pkg:npm/openclaw","versions":[{"version":"0","lessThan":"2026.5.2","versionType":"semver","status":"affected"},{"version":"2026.5.2","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T03:55:59.403404Z","id":"CVE-2026-53858","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-426"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*","versionEndExcluding":"2026.5.2","matchCriteriaId":"BAA42F07-1E23-468A-943F-99A0010427FD"}]}]}],"references":[{"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-wc84-j36w-pw4x","source":"disclosure@vulncheck.com","tags":["Vendor Advisory"]},{"url":"https://www.vulncheck.com/advisories/openclaw-arbitrary-runtime-dependency-loading-via-state-directory-environment-variable","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-53864","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-16T19:17:04.760","lastModified":"2026-06-18T16:16:55.997","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OpenClaw before 2026.5.26 contains an insufficient sanitization vulnerability in the host environment sanitizer that allows Node.js control variables to bypass validation. Attackers with access to workspace .env files, tool environment overrides, or skill environment blocks can pass malicious Node.js control variables to influence child processes or coverage output paths."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"OpenClaw","product":"OpenClaw","defaultStatus":"unaffected","repo":"https://github.com/openclaw/openclaw","packageURL":"pkg:npm/openclaw","versions":[{"version":"0","lessThan":"2026.5.26","versionType":"semver","status":"affected"},{"version":"2026.5.26","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T03:56:07.930445Z","id":"CVE-2026-53864","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-184"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*","versionEndExcluding":"2026.5.26","matchCriteriaId":"D84C1888-2526-4DDE-BF69-39406820F05E"},{"vulnerable":true,"criteria":"cpe:2.3:a:openclaw:openclaw:2026.5.26:beta1:*:*:*:node.js:*:*","matchCriteriaId":"89ABB777-50F9-4258-A3C0-1B028A948297"},{"vulnerable":true,"criteria":"cpe:2.3:a:openclaw:openclaw:2026.5.26:beta2:*:*:*:node.js:*:*","matchCriteriaId":"C5DEEC82-614B-42D4-BC37-B03EC17CFE70"}]}]}],"references":[{"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-ccwh-wwpp-6wg5","source":"disclosure@vulncheck.com","tags":["Mitigation","Vendor Advisory"]},{"url":"https://www.vulncheck.com/advisories/openclaw-insufficient-environment-variable-sanitization-in-node-js-control-variables","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-11890","sourceIdentifier":"security@devolutions.net","published":"2026-06-16T20:16:27.227","lastModified":"2026-06-18T18:33:02.217","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper access control in PAM account discovery results in Devolutions \nServer 2026.2.5, 2026.1.21 allows an authenticated user to retrieve \naccount discovery scan results."}],"affected":[{"source":"security@devolutions.net","affectedData":[{"vendor":"Devolutions","product":"Devolutions Server","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"2026.2.5","versionType":"custom","status":"affected"},{"version":"0","lessThan":"2026.1.21","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T15:13:28.688219Z","id":"CVE-2026-11890","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@devolutions.net","type":"Secondary","description":[{"lang":"en","value":"CWE-882"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:devolutions:devolutions_server:*:*:*:*:*:*:*:*","versionEndExcluding":"2026.1.22.0","matchCriteriaId":"DC3FD4D9-5EA3-4A95-AAEB-62D8276F0E6C"},{"vulnerable":true,"criteria":"cpe:2.3:a:devolutions:devolutions_server:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.2.4.0","versionEndExcluding":"2026.2.7.0","matchCriteriaId":"78E3C256-48A1-4201-8CAF-1C2CEBA5AD44"}]}]}],"references":[{"url":"https://devolutions.net/security/advisories/DEVO-2026-0017/","source":"security@devolutions.net","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12105","sourceIdentifier":"security@devolutions.net","published":"2026-06-16T20:16:27.483","lastModified":"2026-06-18T18:35:53.380","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper access control in Devolutions Server 2026.2.5, 2026.1.21 allows\n an authenticated user to access attachments via folder duplication with\n inherited permissions."}],"affected":[{"source":"security@devolutions.net","affectedData":[{"vendor":"Devolutions","product":"Devolutions Server","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"2026.2.5","versionType":"custom","status":"affected"},{"version":"0","lessThan":"2026.1.21","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T15:15:37.905452Z","id":"CVE-2026-12105","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@devolutions.net","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:devolutions:devolutions_server:*:*:*:*:*:*:*:*","versionEndExcluding":"2026.1.22.0","matchCriteriaId":"DC3FD4D9-5EA3-4A95-AAEB-62D8276F0E6C"},{"vulnerable":true,"criteria":"cpe:2.3:a:devolutions:devolutions_server:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.2.4.0","versionEndExcluding":"2026.2.7.0","matchCriteriaId":"78E3C256-48A1-4201-8CAF-1C2CEBA5AD44"}]}]}],"references":[{"url":"https://devolutions.net/security/advisories/DEVO-2026-0017/","source":"security@devolutions.net","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12117","sourceIdentifier":"security@devolutions.net","published":"2026-06-16T20:16:27.577","lastModified":"2026-06-18T18:30:38.233","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper access control in the social login connection endpoint in \nDevolutions Server 2026.2.5 allows an authenticated vault member to \nenumerate social login entry metadata to which they are not authorized \nvia a crafted API request."}],"affected":[{"source":"security@devolutions.net","affectedData":[{"vendor":"Devolutions","product":"Devolutions Server","defaultStatus":"unaffected","versions":[{"version":"2026.2.0","lessThan":"2026.2.5","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T15:14:42.590567Z","id":"CVE-2026-12117","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@devolutions.net","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:devolutions:devolutions_server:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.2.4.0","versionEndExcluding":"2026.2.7.0","matchCriteriaId":"78E3C256-48A1-4201-8CAF-1C2CEBA5AD44"}]}]}],"references":[{"url":"https://devolutions.net/security/advisories/DEVO-2026-0017/","source":"security@devolutions.net","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-35258","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:40:17.287","lastModified":"2026-06-18T15:50:58.217","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console).  Supported versions that are affected are 14.1.2.0.0 and  15.1.1.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise WebLogic Server.  Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in WebLogic Server, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all WebLogic Server accessible data as well as  unauthorized access to critical data or complete access to all WebLogic Server accessible data. CVSS 3.1 Base Score 8.7 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"WebLogic Server","versions":[{"version":"14.1.2.0.0","versionType":"semver","status":"affected"},{"version":"15.1.1.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-35258","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:14.1.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0FCA3D99-4596-4CF0-B5E1-7A6497F83B83"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:15.1.1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F538D9B4-B101-4182-8C69-F30B183DD3A2"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-35259","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:40:18.280","lastModified":"2026-06-18T15:50:33.107","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console).  Supported versions that are affected are 14.1.2.0.0 and  15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise WebLogic Server.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of WebLogic Server. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"WebLogic Server","versions":[{"version":"14.1.2.0.0","versionType":"semver","status":"affected"},{"version":"15.1.1.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-35259","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:14.1.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0FCA3D99-4596-4CF0-B5E1-7A6497F83B83"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:15.1.1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F538D9B4-B101-4182-8C69-F30B183DD3A2"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-35262","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:40:18.493","lastModified":"2026-06-18T19:40:49.117","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Data Integrator product of Oracle Fusion Middleware (component: Market Place).  Supported versions that are affected are 12.2.1.4.0 and  14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Data Integrator.  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all Oracle Data Integrator accessible data as well as  unauthorized access to critical data or complete access to all Oracle Data Integrator accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Data Integrator. CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Data Integrator","versions":[{"version":"12.2.1.4.0","versionType":"semver","status":"affected"},{"version":"14.1.2.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":5.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-35262","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"9FADE563-5AAA-42FF-B43F-35B20A2386C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:data_integrator:14.1.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"CFD2971F-18D1-4ABA-8EC0-DD511F8690E1"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-35263","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:40:18.600","lastModified":"2026-06-18T15:50:10.227","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Core).  Supported versions that are affected are 14.1.2.0.0 and  15.1.1.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise WebLogic Server.  While the vulnerability is in WebLogic Server, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in takeover of WebLogic Server. CVSS 3.1 Base Score 9.9 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"WebLogic Server","versions":[{"version":"14.1.2.0.0","versionType":"semver","status":"affected"},{"version":"15.1.1.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-35263","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:14.1.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0FCA3D99-4596-4CF0-B5E1-7A6497F83B83"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:15.1.1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F538D9B4-B101-4182-8C69-F30B183DD3A2"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-35275","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:40:19.767","lastModified":"2026-06-18T19:39:08.350","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Shared Folders).   The supported version that is affected is 7.2.8. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data as well as  unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle VM VirtualBox","versions":[{"version":"7.2.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.1,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-35275","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:vm_virtualbox:7.2.8:*:*:*:*:*:*:*","matchCriteriaId":"9BE74221-0362-4A4B-8D5A-2E89E526EAB4"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-35291","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:40:21.220","lastModified":"2026-06-18T15:49:30.940","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console).  Supported versions that are affected are 14.1.2.0.0 and  15.1.1.0.0. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise WebLogic Server.  Successful attacks of this vulnerability can result in takeover of WebLogic Server. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"WebLogic Server","versions":[{"version":"14.1.2.0.0","versionType":"semver","status":"affected"},{"version":"15.1.1.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.7,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-35291","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:14.1.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0FCA3D99-4596-4CF0-B5E1-7A6497F83B83"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:15.1.1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F538D9B4-B101-4182-8C69-F30B183DD3A2"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-35292","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:40:21.323","lastModified":"2026-06-18T15:48:58.490","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console).  Supported versions that are affected are 14.1.2.0.0 and  15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise WebLogic Server.  While the vulnerability is in WebLogic Server, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in takeover of WebLogic Server. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"WebLogic Server","versions":[{"version":"14.1.2.0.0","versionType":"semver","status":"affected"},{"version":"15.1.1.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-35292","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:14.1.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0FCA3D99-4596-4CF0-B5E1-7A6497F83B83"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:15.1.1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F538D9B4-B101-4182-8C69-F30B183DD3A2"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-35298","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:40:21.887","lastModified":"2026-06-18T15:45:27.873","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Core).  Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and  15.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise WebLogic Server.  While the vulnerability is in WebLogic Server, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in takeover of WebLogic Server. CVSS 3.1 Base Score 9.1 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"WebLogic Server","versions":[{"version":"12.2.1.4.0","versionType":"semver","status":"affected"},{"version":"14.1.1.0.0","versionType":"semver","status":"affected"},{"version":"14.1.2.0.0","versionType":"semver","status":"affected"},{"version":"15.1.1.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-35298","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"04BCDC24-4A21-473C-8733-0D9CFB38A752"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:14.1.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0FCA3D99-4596-4CF0-B5E1-7A6497F83B83"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:15.1.1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F538D9B4-B101-4182-8C69-F30B183DD3A2"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-35299","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:40:21.993","lastModified":"2026-06-18T15:45:00.767","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console).  Supported versions that are affected are 12.2.1.4.0 and  14.1.1.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise WebLogic Server.  Successful attacks of this vulnerability can result in takeover of WebLogic Server. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"WebLogic Server","versions":[{"version":"12.2.1.4.0","versionType":"semver","status":"affected"},{"version":"14.1.1.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-35299","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"04BCDC24-4A21-473C-8733-0D9CFB38A752"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-35300","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:40:22.100","lastModified":"2026-06-18T15:44:34.210","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Core).  Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and  15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to compromise WebLogic Server.  Successful attacks of this vulnerability can result in takeover of WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"WebLogic Server","versions":[{"version":"12.2.1.4.0","versionType":"semver","status":"affected"},{"version":"14.1.1.0.0","versionType":"semver","status":"affected"},{"version":"14.1.2.0.0","versionType":"semver","status":"affected"},{"version":"15.1.1.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-35300","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"04BCDC24-4A21-473C-8733-0D9CFB38A752"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:14.1.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0FCA3D99-4596-4CF0-B5E1-7A6497F83B83"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:15.1.1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F538D9B4-B101-4182-8C69-F30B183DD3A2"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-35301","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:40:22.200","lastModified":"2026-06-18T15:44:10.817","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console).  Supported versions that are affected are 12.2.1.4.0 and  14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise WebLogic Server.  While the vulnerability is in WebLogic Server, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in takeover of WebLogic Server. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"WebLogic Server","versions":[{"version":"12.2.1.4.0","versionType":"semver","status":"affected"},{"version":"14.1.1.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-35301","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"04BCDC24-4A21-473C-8733-0D9CFB38A752"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-35302","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:40:22.307","lastModified":"2026-06-18T15:42:53.523","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console).  Supported versions that are affected are 12.2.1.4.0 and  14.1.1.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise WebLogic Server.  Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in WebLogic Server, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of WebLogic Server. CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"WebLogic Server","versions":[{"version":"12.2.1.4.0","versionType":"semver","status":"affected"},{"version":"14.1.1.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-35302","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"04BCDC24-4A21-473C-8733-0D9CFB38A752"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-35327","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:40:24.923","lastModified":"2026-06-18T19:44:16.693","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server).  Supported versions that are affected are 12.2.1.4.0 and  14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle WebCenter Content.  Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Content, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle WebCenter Content accessible data as well as  unauthorized update, insert or delete access to some of Oracle WebCenter Content accessible data. CVSS 3.1 Base Score 7.6 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle WebCenter Content","versions":[{"version":"12.2.1.4.0","versionType":"semver","status":"affected"},{"version":"14.1.2.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T14:34:36.841114Z","id":"CVE-2026-35327","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:webcenter_content:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"FC6BB89E-DCA0-4453-A043-1987EB657451"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:webcenter_content:14.1.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B05C4A06-4CB2-4755-8B15-5B00BD24610F"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46768","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:53:54.303","lastModified":"2026-06-18T13:49:51.280","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: VMSVGA device).   The supported version that is affected is 7.2.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 6.0 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle VM VirtualBox","versions":[{"version":"7.2.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.5,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T14:34:35.600904Z","id":"CVE-2026-46768","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:vm_virtualbox:7.2.8:*:*:*:*:*:*:*","matchCriteriaId":"9BE74221-0362-4A4B-8D5A-2E89E526EAB4"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46770","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:53:54.527","lastModified":"2026-06-18T20:24:17.187","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Application Development Framework (ADF) product of Oracle Fusion Middleware (component: Security Framework).  Supported versions that are affected are 12.2.1.4.0 and  14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Development Framework (ADF).  Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Application Development Framework (ADF), attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Application Development Framework (ADF) accessible data as well as  unauthorized read access to a subset of Oracle Application Development Framework (ADF) accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Application Development Framework (ADF)","versions":[{"version":"12.2.1.4.0","versionType":"semver","status":"affected"},{"version":"14.1.2.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T14:34:34.582556Z","id":"CVE-2026-46770","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:application_development_framework:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"E3A06B63-A3BD-4A7D-94A3-7DE069B3F296"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:application_development_framework:14.1.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E8721FB8-3BD1-4F53-AF00-DBB549C59A7C"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46771","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:53:54.630","lastModified":"2026-06-18T20:23:58.283","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Application Development Framework (ADF) product of Oracle Fusion Middleware (component: Java Business Objects).  Supported versions that are affected are 12.2.1.4.0 and  14.1.2.0.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Application Development Framework (ADF) executes to compromise Oracle Application Development Framework (ADF).  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle Application Development Framework (ADF) accessible data. CVSS 3.1 Base Score 4.1 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Application Development Framework (ADF)","versions":[{"version":"12.2.1.4.0","versionType":"semver","status":"affected"},{"version":"14.1.2.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.5,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T14:34:33.562435Z","id":"CVE-2026-46771","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:application_development_framework:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"E3A06B63-A3BD-4A7D-94A3-7DE069B3F296"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:application_development_framework:14.1.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E8721FB8-3BD1-4F53-AF00-DBB549C59A7C"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46772","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:53:54.737","lastModified":"2026-06-18T20:23:41.483","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Application Development Framework (ADF) product of Oracle Fusion Middleware (component: ADF Faces).  Supported versions that are affected are 12.2.1.4.0 and  14.1.2.0.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Application Development Framework (ADF) executes to compromise Oracle Application Development Framework (ADF).  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle Application Development Framework (ADF) accessible data as well as  unauthorized update, insert or delete access to some of Oracle Application Development Framework (ADF) accessible data. CVSS 3.1 Base Score 4.7 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Application Development Framework (ADF)","versions":[{"version":"12.2.1.4.0","versionType":"semver","status":"affected"},{"version":"14.1.2.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":0.5,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T14:34:32.471493Z","id":"CVE-2026-46772","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:application_development_framework:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"E3A06B63-A3BD-4A7D-94A3-7DE069B3F296"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:application_development_framework:14.1.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E8721FB8-3BD1-4F53-AF00-DBB549C59A7C"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46776","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:53:55.157","lastModified":"2026-06-18T20:29:35.570","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Unified Directory product of Oracle Fusion Middleware (component: OUD Core).  Supported versions that are affected are 12.2.1.4.0 and  14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via LDAP to compromise Oracle Unified Directory.  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all Oracle Unified Directory accessible data as well as  unauthorized read access to a subset of Oracle Unified Directory accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Unified Directory. CVSS 3.1 Base Score 8.6 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Unified Directory","versions":[{"version":"12.2.1.4.0","versionType":"semver","status":"affected"},{"version":"14.1.2.1.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T15:11:03.149409Z","id":"CVE-2026-46776","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:unified_directory:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"BAC21315-E951-495D-A52A-29CD051D8A9A"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:unified_directory:14.1.2.1.0:*:*:*:*:*:*:*","matchCriteriaId":"8AB63BBE-A5F3-4D22-8650-6DF8A1981134"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46779","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:53:55.467","lastModified":"2026-06-18T22:29:23.920","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle WebCenter Enterprise Capture product of Oracle Fusion Middleware (component: Client Bundle).  Supported versions that are affected are 12.2.1.4.0 and  14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via T3 to compromise Oracle WebCenter Enterprise Capture.  While the vulnerability is in Oracle WebCenter Enterprise Capture, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in takeover of Oracle WebCenter Enterprise Capture. CVSS 3.1 Base Score 9.9 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle WebCenter Enterprise Capture","versions":[{"version":"12.2.1.4.0","versionType":"semver","status":"affected"},{"version":"14.1.2.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T14:44:15.860867Z","id":"CVE-2026-46779","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:webcenter_enterprise_capture:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"AAB9F9BE-3C88-442C-8C44-61074AFD9A5C"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:webcenter_enterprise_capture:14.1.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"97ECC2BF-A3F1-4011-9697-5B85CA8BBDB4"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46780","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:53:55.570","lastModified":"2026-06-18T22:33:56.683","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the WebCenter Content: Imaging product of Oracle Fusion Middleware (component: Core).  Supported versions that are affected are 12.2.1.4.0 and  14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise WebCenter Content: Imaging.  Successful attacks of this vulnerability can result in takeover of WebCenter Content: Imaging. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"WebCenter Content: Imaging","versions":[{"version":"12.2.1.4.0","versionType":"semver","status":"affected"},{"version":"14.1.2.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T14:44:14.406501Z","id":"CVE-2026-46780","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:webcenter_content:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"FC6BB89E-DCA0-4453-A043-1987EB657451"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:webcenter_content:14.1.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B05C4A06-4CB2-4755-8B15-5B00BD24610F"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46781","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:53:55.673","lastModified":"2026-06-18T22:35:19.077","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle WebCenter Enterprise Capture product of Oracle Fusion Middleware (component: Client Bundle).  Supported versions that are affected are 12.2.1.4.0 and  14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via RMI to compromise Oracle WebCenter Enterprise Capture.  While the vulnerability is in Oracle WebCenter Enterprise Capture, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in takeover of Oracle WebCenter Enterprise Capture. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle WebCenter Enterprise Capture","versions":[{"version":"12.2.1.4.0","versionType":"semver","status":"affected"},{"version":"14.1.2.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T15:03:54.510607Z","id":"CVE-2026-46781","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:webcenter_enterprise_capture:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"AAB9F9BE-3C88-442C-8C44-61074AFD9A5C"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:webcenter_enterprise_capture:14.1.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"97ECC2BF-A3F1-4011-9697-5B85CA8BBDB4"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46782","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:53:55.780","lastModified":"2026-06-18T22:36:31.753","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle WebCenter Enterprise Capture product of Oracle Fusion Middleware (component: Client Bundle).  Supported versions that are affected are 12.2.1.4.0 and  14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter Enterprise Capture.  While the vulnerability is in Oracle WebCenter Enterprise Capture, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in takeover of Oracle WebCenter Enterprise Capture. CVSS 3.1 Base Score 9.9 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle WebCenter Enterprise Capture","versions":[{"version":"12.2.1.4.0","versionType":"semver","status":"affected"},{"version":"14.1.2.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T14:44:13.347189Z","id":"CVE-2026-46782","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:webcenter_enterprise_capture:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"AAB9F9BE-3C88-442C-8C44-61074AFD9A5C"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:webcenter_enterprise_capture:14.1.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"97ECC2BF-A3F1-4011-9697-5B85CA8BBDB4"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46783","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:53:55.883","lastModified":"2026-06-18T22:36:48.167","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the WebCenter Content: Imaging product of Oracle Fusion Middleware (component: Core).  Supported versions that are affected are 12.2.1.4.0 and  14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise WebCenter Content: Imaging.  Successful attacks of this vulnerability can result in takeover of WebCenter Content: Imaging. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"WebCenter Content: Imaging","versions":[{"version":"12.2.1.4.0","versionType":"semver","status":"affected"},{"version":"14.1.2.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T15:03:53.065061Z","id":"CVE-2026-46783","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:webcenter_content:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"FC6BB89E-DCA0-4453-A043-1987EB657451"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:webcenter_content:14.1.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B05C4A06-4CB2-4755-8B15-5B00BD24610F"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46784","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:53:55.987","lastModified":"2026-06-18T22:37:58.707","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the WebCenter Content: Imaging product of Oracle Fusion Middleware (component: Core).  Supported versions that are affected are 12.2.1.4.0 and  14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise WebCenter Content: Imaging.  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all WebCenter Content: Imaging accessible data as well as  unauthorized access to critical data or complete access to all WebCenter Content: Imaging accessible data. CVSS 3.1 Base Score 9.1 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"WebCenter Content: Imaging","versions":[{"version":"12.2.1.4.0","versionType":"semver","status":"affected"},{"version":"14.1.2.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T14:37:28.895436Z","id":"CVE-2026-46784","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:webcenter_content:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"FC6BB89E-DCA0-4453-A043-1987EB657451"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:webcenter_content:14.1.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B05C4A06-4CB2-4755-8B15-5B00BD24610F"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46814","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:53:58.983","lastModified":"2026-06-18T14:39:50.520","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework).  Supported versions that are affected are 12.2.1.4.0 and  14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter Portal.  While the vulnerability is in Oracle WebCenter Portal, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in takeover of Oracle WebCenter Portal. CVSS 3.1 Base Score 9.9 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle WebCenter Portal","versions":[{"version":"12.2.1.4.0","versionType":"semver","status":"affected"},{"version":"14.1.2.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T15:24:51.960863Z","id":"CVE-2026-46814","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"5A502118-5B2B-47AE-82EC-1999BD841103"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:webcenter_portal:14.1.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5456AE6E-4139-4207-9EBD-50EAEC93F83C"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46815","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:53:59.087","lastModified":"2026-06-18T13:50:55.103","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: VMSVGA device).   The supported version that is affected is 7.2.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 3.2 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle VM VirtualBox","versions":[{"version":"7.2.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N","baseScore":3.2,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.5,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T15:25:37.950898Z","id":"CVE-2026-46815","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:vm_virtualbox:7.2.8:*:*:*:*:*:*:*","matchCriteriaId":"9BE74221-0362-4A4B-8D5A-2E89E526EAB4"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46816","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:53:59.190","lastModified":"2026-06-18T13:50:24.943","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: VMSVGA device).   The supported version that is affected is 7.2.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 3.2 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle VM VirtualBox","versions":[{"version":"7.2.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N","baseScore":3.2,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.5,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T15:27:03.060830Z","id":"CVE-2026-46816","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:vm_virtualbox:7.2.8:*:*:*:*:*:*:*","matchCriteriaId":"9BE74221-0362-4A4B-8D5A-2E89E526EAB4"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46825","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:00.143","lastModified":"2026-06-18T13:50:05.693","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: VMSVGA device).   The supported version that is affected is 7.2.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle VM VirtualBox","versions":[{"version":"7.2.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.5,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T15:27:30.757429Z","id":"CVE-2026-46825","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:vm_virtualbox:7.2.8:*:*:*:*:*:*:*","matchCriteriaId":"9BE74221-0362-4A4B-8D5A-2E89E526EAB4"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46853","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:02.910","lastModified":"2026-06-18T16:16:54.333","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Metadata Plugin).  Supported versions that are affected are 13.5 and  24.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Enterprise Manager Base Platform.  Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Enterprise Manager Base Platform, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle Enterprise Manager Base Platform. CVSS 3.1 Base Score 9.6 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Enterprise Manager Base Platform","versions":[{"version":"13.5","versionType":"semver","status":"affected"},{"version":"24.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T03:56:33.413501Z","id":"CVE-2026-46853","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:enterprise_manager_base_platform:13.5.0.0:*:*:*:*:*:*:*","matchCriteriaId":"6E8758C8-87D3-450A-878B-86CE8C9FC140"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:enterprise_manager_base_platform:24.1.0.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5DBBDACA-3980-40BA-8B4C-B554F37CF138"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46858","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:03.437","lastModified":"2026-06-18T22:40:18.040","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the APM - Application Performance Management product of Oracle Enterprise Manager (component: JADM, JVM Diagnostics).  Supported versions that are affected are 13.5 and  24.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise APM - Application Performance Management.  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all APM - Application Performance Management accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of APM - Application Performance Management. CVSS 3.1 Base Score 9.1 (Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"APM - Application Performance Management","versions":[{"version":"13.5","versionType":"semver","status":"affected"},{"version":"24.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T14:38:03.688111Z","id":"CVE-2026-46858","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:application_performance_management:13.5:*:*:*:*:*:*:*","matchCriteriaId":"089085A7-9F46-4666-B1AF-3B4F7E183710"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:application_performance_management:24.1:*:*:*:*:*:*:*","matchCriteriaId":"D639D165-5A5A-4845-8EE5-7A70EEFBFDE4"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46859","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:03.547","lastModified":"2026-06-18T22:40:38.030","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: Security).   The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM.  Successful attacks of this vulnerability can result in takeover of Oracle Agile PLM. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Agile PLM","versions":[{"version":"9.3.6","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46859","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*","matchCriteriaId":"C650FEDB-E903-4C2D-AD40-282AB5F2E3C2"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46860","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:03.650","lastModified":"2026-06-18T22:41:22.663","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the MySQL Router product of Oracle MySQL (component: Router: General).  Supported versions that are affected are 9.0.0-9.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise MySQL Router.  Successful attacks of this vulnerability can result in takeover of MySQL Router. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"MySQL Router","versions":[{"version":"9.0.0","lessThanOrEqual":"9.7.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T03:56:44.696134Z","id":"CVE-2026-46860","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:mysql_router:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.0","versionEndIncluding":"9.7.0","matchCriteriaId":"419C2528-5184-43D3-937D-7338151020AB"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46861","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:03.760","lastModified":"2026-06-18T22:42:02.397","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the MySQL NDB Cluster product of Oracle MySQL (component: Cluster: NDB Operator).  Supported versions that are affected are 8.0.11-8.0.46,   8.4.0-8.4.9 and    9.0.0-9.7.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise MySQL NDB Cluster.  While the vulnerability is in MySQL NDB Cluster, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all MySQL NDB Cluster accessible data as well as  unauthorized access to critical data or complete access to all MySQL NDB Cluster accessible data. CVSS 3.1 Base Score 9.6 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"MySQL NDB Cluster","versions":[{"version":"8.0.11","lessThanOrEqual":"8.0.46","versionType":"custom","status":"affected"},{"version":"8.4.0","lessThanOrEqual":"8.4.9","versionType":"custom","status":"affected"},{"version":"9.0.0","lessThanOrEqual":"9.7.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46861","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:mysql_ndb_cluster:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.11","versionEndIncluding":"8.0.46","matchCriteriaId":"58997B42-0692-4857-A7C2-2015F53ABB9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:mysql_ndb_cluster:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0","versionEndIncluding":"8.4.9","matchCriteriaId":"E10809D4-5774-4A6F-B690-6F7088677245"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:mysql_ndb_cluster:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.0","versionEndIncluding":"9.7.0","matchCriteriaId":"E74BF01C-414C-454E-AC43-8A95081F0C17"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46862","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:03.863","lastModified":"2026-06-18T22:42:31.240","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the MySQL Router product of Oracle MySQL (component: Router: General).  Supported versions that are affected are 8.4.0-8.4.9 and  9.0.0-9.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise MySQL Router.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Router. CVSS 3.1 Base Score 7.5 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"MySQL Router","versions":[{"version":"8.4.0","lessThanOrEqual":"8.4.9","versionType":"custom","status":"affected"},{"version":"9.0.0","lessThanOrEqual":"9.7.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T14:49:11.988015Z","id":"CVE-2026-46862","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:mysql_router:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0","versionEndIncluding":"8.4.9","matchCriteriaId":"B0016D22-C0AC-4662-B14B-9EB09B951832"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:mysql_router:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.0","versionEndIncluding":"9.7.0","matchCriteriaId":"419C2528-5184-43D3-937D-7338151020AB"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46863","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:03.967","lastModified":"2026-06-18T22:55:55.033","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the MySQL Server, MySQL Cluster product of Oracle MySQL (component: Server: Connection Handling).  Supported versions that are affected are MySQL Server: 8.4.0-8.4.9, 9.0.0-9.7.0; MySQL Cluster: 8.0.11-8.0.46, 8.4.0-8.4.9 and  9.0.0-9.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server, MySQL Cluster.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server, MySQL Cluster. CVSS 3.1 Base Score 7.5 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"MySQL Server","versions":[{"version":"8.4.0-8.4.9","status":"affected"},{"version":"9.0.0-9.7.0","status":"affected"}]},{"vendor":"Oracle Corporation","product":"MySQL Cluster","versions":[{"version":"8.0.11-8.0.46","status":"affected"},{"version":"8.4.0-8.4.9","status":"affected"},{"version":"9.0.0-9.7.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T14:52:40.996015Z","id":"CVE-2026-46863","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.11","versionEndIncluding":"8.0.46","matchCriteriaId":"9BEB2B15-FC30-4677-8F72-4101162AA8A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0","versionEndIncluding":"8.4.9","matchCriteriaId":"445ABD4C-CCD1-4599-808B-6D22EF1F83BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.0","versionEndIncluding":"9.7.0","matchCriteriaId":"2564DD37-C49C-4316-956D-4517205F81B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0","versionEndIncluding":"8.4.9","matchCriteriaId":"7C5FEF74-463F-430C-A58E-49FDAE2D1C37"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.0","versionEndIncluding":"9.7.0","matchCriteriaId":"2B511F2A-7BF2-435A-BACE-0E17FFA15798"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46873","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:05.017","lastModified":"2026-06-18T13:51:15.790","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: VMSVGA device).   The supported version that is affected is 7.2.8. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle VM VirtualBox","versions":[{"version":"7.2.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46873","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:vm_virtualbox:7.2.8:*:*:*:*:*:*:*","matchCriteriaId":"9BE74221-0362-4A4B-8D5A-2E89E526EAB4"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46874","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:05.123","lastModified":"2026-06-18T13:51:09.353","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).   The supported version that is affected is 7.2.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 3.2 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle VM VirtualBox","versions":[{"version":"7.2.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N","baseScore":3.2,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.5,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T15:13:27.685050Z","id":"CVE-2026-46874","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:vm_virtualbox:7.2.8:*:*:*:*:*:*:*","matchCriteriaId":"9BE74221-0362-4A4B-8D5A-2E89E526EAB4"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46877","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:05.330","lastModified":"2026-06-18T13:51:02.473","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: VMSVGA device).   The supported version that is affected is 7.2.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle VM VirtualBox","versions":[{"version":"7.2.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.5,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T15:16:06.915595Z","id":"CVE-2026-46877","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:vm_virtualbox:7.2.8:*:*:*:*:*:*:*","matchCriteriaId":"9BE74221-0362-4A4B-8D5A-2E89E526EAB4"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46878","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:05.440","lastModified":"2026-06-18T22:58:35.663","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure Security).  Supported versions that are affected are 9.2.0.0-9.2.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via JDENET to compromise JD Edwards EnterpriseOne Tools.  Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"JD Edwards EnterpriseOne Tools","versions":[{"version":"9.2.0.0","lessThanOrEqual":"9.2.26.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46878","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*","versionStartIncluding":"9.2.0.0","versionEndIncluding":"9.2.26.2","matchCriteriaId":"9C06E461-DAEE-4D7A-8F64-5ED24FE41DBC"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46879","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:05.550","lastModified":"2026-06-18T22:58:47.427","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure Security).  Supported versions that are affected are 9.2.0.0-9.2.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via JDENET to compromise JD Edwards EnterpriseOne Tools.  Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"JD Edwards EnterpriseOne Tools","versions":[{"version":"9.2.0.0","lessThanOrEqual":"9.2.26.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46879","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*","versionStartIncluding":"9.2.0.0","versionEndIncluding":"9.2.26.2","matchCriteriaId":"9C06E461-DAEE-4D7A-8F64-5ED24FE41DBC"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46880","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:05.660","lastModified":"2026-06-18T17:32:04.880","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure Security).  Supported versions that are affected are 9.2.0.0-9.2.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via JDENET to compromise JD Edwards EnterpriseOne Tools.  Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"JD Edwards EnterpriseOne Tools","versions":[{"version":"9.2.0.0","lessThanOrEqual":"9.2.26.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46880","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*","versionStartIncluding":"9.2.0.0","versionEndIncluding":"9.2.26.2","matchCriteriaId":"9C06E461-DAEE-4D7A-8F64-5ED24FE41DBC"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46881","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:05.767","lastModified":"2026-06-18T17:33:37.653","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure Security).  Supported versions that are affected are 9.2.0.0-9.2.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via JDENET to compromise JD Edwards EnterpriseOne Tools.  Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"JD Edwards EnterpriseOne Tools","versions":[{"version":"9.2.0.0","lessThanOrEqual":"9.2.26.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46881","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*","versionStartIncluding":"9.2.0.0","versionEndIncluding":"9.2.26.2","matchCriteriaId":"9C06E461-DAEE-4D7A-8F64-5ED24FE41DBC"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46882","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:05.870","lastModified":"2026-06-18T17:37:17.373","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure Security).  Supported versions that are affected are 9.2.0.0-9.2.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via JDENET to compromise JD Edwards EnterpriseOne Tools.  Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"JD Edwards EnterpriseOne Tools","versions":[{"version":"9.2.0.0","lessThanOrEqual":"9.2.26.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46882","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*","versionStartIncluding":"9.2.0.0","versionEndIncluding":"9.2.26.2","matchCriteriaId":"9C06E461-DAEE-4D7A-8F64-5ED24FE41DBC"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46883","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:05.970","lastModified":"2026-06-18T17:37:43.320","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure Security).  Supported versions that are affected are 9.2.0.0-9.2.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via JDENET to compromise JD Edwards EnterpriseOne Tools.  Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"JD Edwards EnterpriseOne Tools","versions":[{"version":"9.2.0.0","lessThanOrEqual":"9.2.26.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46883","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*","versionStartIncluding":"9.2.0.0","versionEndIncluding":"9.2.26.2","matchCriteriaId":"9C06E461-DAEE-4D7A-8F64-5ED24FE41DBC"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46884","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:06.073","lastModified":"2026-06-18T22:59:05.850","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM (component: Marketing).  Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel Apps - Marketing.  Successful attacks of this vulnerability can result in takeover of Siebel Apps - Marketing. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Siebel Apps - Marketing","versions":[{"version":"17.0","lessThanOrEqual":"26.5","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46884","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:siebel_apps_-_marketing:*:*:*:*:*:*:*:*","versionStartIncluding":"17.0","versionEndIncluding":"26.5","matchCriteriaId":"5180200D-B94E-4F76-9C87-6EC1DF4D8F45"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46886","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:06.287","lastModified":"2026-06-18T22:59:26.110","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM (component: Marketing).  Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel Apps - Marketing.  Successful attacks of this vulnerability can result in takeover of Siebel Apps - Marketing. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Siebel Apps - Marketing","versions":[{"version":"17.0","lessThanOrEqual":"26.5","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46886","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:siebel_apps_-_marketing:*:*:*:*:*:*:*:*","versionStartIncluding":"17.0","versionEndIncluding":"26.5","matchCriteriaId":"5180200D-B94E-4F76-9C87-6EC1DF4D8F45"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46887","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:06.393","lastModified":"2026-06-18T22:59:40.773","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM (component: Marketing).  Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel Apps - Marketing.  Successful attacks of this vulnerability can result in takeover of Siebel Apps - Marketing. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Siebel Apps - Marketing","versions":[{"version":"17.0","lessThanOrEqual":"26.5","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T03:57:02.382394Z","id":"CVE-2026-46887","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:siebel_apps_-_marketing:*:*:*:*:*:*:*:*","versionStartIncluding":"17.0","versionEndIncluding":"26.5","matchCriteriaId":"5180200D-B94E-4F76-9C87-6EC1DF4D8F45"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46889","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:06.600","lastModified":"2026-06-18T22:59:55.710","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM (component: Marketing).  Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel Apps - Marketing.  Successful attacks of this vulnerability can result in takeover of Siebel Apps - Marketing. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Siebel Apps - Marketing","versions":[{"version":"17.0","lessThanOrEqual":"26.5","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T03:57:04.680700Z","id":"CVE-2026-46889","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:siebel_apps_-_marketing:*:*:*:*:*:*:*:*","versionStartIncluding":"17.0","versionEndIncluding":"26.5","matchCriteriaId":"5180200D-B94E-4F76-9C87-6EC1DF4D8F45"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46890","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:06.703","lastModified":"2026-06-18T21:58:03.200","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM (component: Marketing).  Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel Apps - Marketing.  Successful attacks of this vulnerability can result in takeover of Siebel Apps - Marketing. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Siebel Apps - Marketing","versions":[{"version":"17.0","lessThanOrEqual":"26.5","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46890","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:siebel_apps_-_marketing:*:*:*:*:*:*:*:*","versionStartIncluding":"17.0","versionEndIncluding":"26.5","matchCriteriaId":"5180200D-B94E-4F76-9C87-6EC1DF4D8F45"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46894","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:07.113","lastModified":"2026-06-18T17:38:09.917","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite (component: Home Page).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle iSupplier Portal.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle iSupplier Portal. CVSS 3.1 Base Score 8.0 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle iSupplier Portal","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46894","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-352"},{"lang":"en","value":"CWE-601"},{"lang":"en","value":"CWE-640"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:isupplier_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"47ED2BA9-41D7-477D-9BCB-D75147A02208"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46903","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:08.063","lastModified":"2026-06-18T20:49:45.380","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Business Logic Infrastructure Security).  Supported versions that are affected are 9.2.0.0-9.2.26.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools.  Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"JD Edwards EnterpriseOne Tools","versions":[{"version":"9.2.0.0","lessThanOrEqual":"9.2.26.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46903","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*","versionStartIncluding":"9.2.0.0","versionEndIncluding":"9.2.26.2","matchCriteriaId":"9C06E461-DAEE-4D7A-8F64-5ED24FE41DBC"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46904","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:08.167","lastModified":"2026-06-18T20:50:07.107","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure Security).  Supported versions that are affected are 9.2.0.0-9.2.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via JDENET to compromise JD Edwards EnterpriseOne Tools.  Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"JD Edwards EnterpriseOne Tools","versions":[{"version":"9.2.0.0","lessThanOrEqual":"9.2.26.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46904","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*","versionStartIncluding":"9.2.0.0","versionEndIncluding":"9.2.26.2","matchCriteriaId":"9C06E461-DAEE-4D7A-8F64-5ED24FE41DBC"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46905","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:08.277","lastModified":"2026-06-18T20:50:27.210","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime Security).  Supported versions that are affected are 9.2.0.0-9.2.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools.  Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"JD Edwards EnterpriseOne Tools","versions":[{"version":"9.2.0.0","lessThanOrEqual":"9.2.26.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46905","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*","versionStartIncluding":"9.2.0.0","versionEndIncluding":"9.2.26.2","matchCriteriaId":"9C06E461-DAEE-4D7A-8F64-5ED24FE41DBC"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46906","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:08.387","lastModified":"2026-06-18T20:50:43.710","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure Security).  Supported versions that are affected are 9.2.0.0-9.2.26.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools.  While the vulnerability is in JD Edwards EnterpriseOne Tools, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all JD Edwards EnterpriseOne Tools accessible data as well as  unauthorized access to critical data or complete access to all JD Edwards EnterpriseOne Tools accessible data. CVSS 3.1 Base Score 9.6 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"JD Edwards EnterpriseOne Tools","versions":[{"version":"9.2.0.0","lessThanOrEqual":"9.2.26.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46906","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*","versionStartIncluding":"9.2.0.0","versionEndIncluding":"9.2.26.2","matchCriteriaId":"9C06E461-DAEE-4D7A-8F64-5ED24FE41DBC"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46907","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:08.503","lastModified":"2026-06-18T22:06:20.050","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the JD Edwards EnterpriseOne Order Promising product of Oracle JD Edwards (component: Order Promising Integration).   The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Order Promising.  While the vulnerability is in JD Edwards EnterpriseOne Order Promising, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Order Promising. CVSS 3.1 Base Score 9.9 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"JD Edwards EnterpriseOne Order Promising","versions":[{"version":"9.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46907","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jd_edwards_enterpriseone_global_order_promising:9.2:*:*:*:*:*:*:*","matchCriteriaId":"1A90A10C-631B-4B50-BA22-3BC4F0BF6475"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46908","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:08.610","lastModified":"2026-06-18T22:06:46.960","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the JD Edwards EnterpriseOne Accounts Payable product of Oracle JD Edwards (component: Accounts Payable).   The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Accounts Payable.  While the vulnerability is in JD Edwards EnterpriseOne Accounts Payable, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Accounts Payable. CVSS 3.1 Base Score 9.9 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"JD Edwards EnterpriseOne Accounts Payable","versions":[{"version":"9.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46908","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jd_edwards_enterpriseone_accounts_payable:9.2:*:*:*:*:*:*:*","matchCriteriaId":"7684CBEF-5712-4409-B231-9F7714E3EFB3"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46911","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:08.920","lastModified":"2026-06-18T22:07:57.640","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the JD Edwards EnterpriseOne Project Costing product of Oracle JD Edwards (component: Job Costing).   The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via JDENET to compromise JD Edwards EnterpriseOne Project Costing.  While the vulnerability is in JD Edwards EnterpriseOne Project Costing, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all JD Edwards EnterpriseOne Project Costing accessible data as well as  unauthorized access to critical data or complete access to all JD Edwards EnterpriseOne Project Costing accessible data. CVSS 3.1 Base Score 9.6 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"JD Edwards EnterpriseOne Project Costing","versions":[{"version":"9.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46911","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jd_edwards_enterpriseone_job_cost:9.2:*:*:*:*:*:*:*","matchCriteriaId":"EBDDD3D1-BDC2-4712-AC11-2EEFAF466F4D"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46914","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:09.233","lastModified":"2026-06-18T22:08:48.160","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem).   The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle Solaris accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 7.1 (Confidentiality and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Solaris","versions":[{"version":"11.4","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T13:50:24.542734Z","id":"CVE-2026-46914","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:oracle:solaris:11.4:*:*:*:*:*:*:*","matchCriteriaId":"BC3F1DDC-DF8F-4F64-8454-C4A7C60C8462"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46915","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:09.340","lastModified":"2026-06-18T20:51:32.177","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Complex Maintenance, Repair and Overhaul product of Oracle E-Business Suite (component: Production).  Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair and Overhaul.  While the vulnerability is in Oracle Complex Maintenance, Repair and Overhaul, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in takeover of Oracle Complex Maintenance, Repair and Overhaul. CVSS 3.1 Base Score 8.5 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Complex Maintenance, Repair and Overhaul","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T14:01:50.649015Z","id":"CVE-2026-46915","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:complex_maintenance_repair_and_overhaul:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"2F24E0CB-D6C8-45AB-9F79-7E53E23E3BB0"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46916","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:09.450","lastModified":"2026-06-18T20:51:57.610","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E-Business Suite (component: Quality Management Specs).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Process Manufacturing Product Development.  Successful attacks of this vulnerability can result in takeover of Oracle Process Manufacturing Product Development. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Process Manufacturing Product Development","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T14:00:20.599351Z","id":"CVE-2026-46916","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:process_manufacturing_product_development:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"05BBBA6B-1B97-4D6B-A75F-917679E0A07B"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46918","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:09.560","lastModified":"2026-06-18T22:12:01.710","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Process Manufacturing Product Development.  While the vulnerability is in Oracle Process Manufacturing Product Development, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in takeover of Oracle Process Manufacturing Product Development. CVSS 3.1 Base Score 9.9 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Process Manufacturing Product Development","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T13:59:17.090124Z","id":"CVE-2026-46918","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:process_manufacturing_product_development:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"05BBBA6B-1B97-4D6B-A75F-917679E0A07B"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46919","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:09.660","lastModified":"2026-06-18T22:24:22.607","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager).  Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel CRM Cloud Applications.  Successful attacks of this vulnerability can result in takeover of Siebel CRM Cloud Applications. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Siebel CRM Cloud Applications","versions":[{"version":"17.0","lessThanOrEqual":"26.5","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46919","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:siebel_cloud_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.0","versionEndIncluding":"26.5","matchCriteriaId":"18ABFEA2-7A5E-4FBD-9228-32714088FEBD"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46920","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:09.763","lastModified":"2026-06-18T22:24:28.873","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager).  Supported versions that are affected are 17.0-26.5. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel CRM Cloud Applications.  Successful attacks of this vulnerability can result in takeover of Siebel CRM Cloud Applications. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Siebel CRM Cloud Applications","versions":[{"version":"17.0","lessThanOrEqual":"26.5","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46920","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:siebel_cloud_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.0","versionEndIncluding":"26.5","matchCriteriaId":"18ABFEA2-7A5E-4FBD-9228-32714088FEBD"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46921","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:09.863","lastModified":"2026-06-18T22:24:34.997","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager).  Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel CRM Cloud Applications.  Successful attacks of this vulnerability can result in takeover of Siebel CRM Cloud Applications. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Siebel CRM Cloud Applications","versions":[{"version":"17.0","lessThanOrEqual":"26.5","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46921","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:siebel_cloud_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.0","versionEndIncluding":"26.5","matchCriteriaId":"18ABFEA2-7A5E-4FBD-9228-32714088FEBD"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46922","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:09.970","lastModified":"2026-06-18T22:13:55.267","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle HR Intelligence product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle HR Intelligence.  Successful attacks of this vulnerability can result in takeover of Oracle HR Intelligence. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle HR Intelligence","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T14:06:08.841352Z","id":"CVE-2026-46922","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:hr_intelligence:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"60D58752-9708-4644-87E6-45D002BEC6D4"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46925","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:10.073","lastModified":"2026-06-18T22:24:42.050","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager).  Supported versions that are affected are 17.0-26.5. Difficult to exploit vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware where the Siebel CRM Cloud Applications executes to compromise Siebel CRM Cloud Applications.  While the vulnerability is in Siebel CRM Cloud Applications, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in takeover of Siebel CRM Cloud Applications. CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Siebel CRM Cloud Applications","versions":[{"version":"17.0","lessThanOrEqual":"26.5","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46925","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:siebel_cloud_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.0","versionEndIncluding":"26.5","matchCriteriaId":"18ABFEA2-7A5E-4FBD-9228-32714088FEBD"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46926","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:10.177","lastModified":"2026-06-18T22:24:49.060","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager).  Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Siebel CRM Cloud Applications executes to compromise Siebel CRM Cloud Applications.  While the vulnerability is in Siebel CRM Cloud Applications, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in takeover of Siebel CRM Cloud Applications. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Siebel CRM Cloud Applications","versions":[{"version":"17.0","lessThanOrEqual":"26.5","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.0,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46926","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:siebel_cloud_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.0","versionEndIncluding":"26.5","matchCriteriaId":"18ABFEA2-7A5E-4FBD-9228-32714088FEBD"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46927","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:10.283","lastModified":"2026-06-18T22:14:33.580","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Receivables product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SOAP to compromise Oracle Receivables.  Successful attacks of this vulnerability can result in takeover of Oracle Receivables. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Receivables","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T14:02:52.913047Z","id":"CVE-2026-46927","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:receivables:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"689CAA25-68F0-40A0-A60C-0ECB7B93FE54"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46928","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:10.387","lastModified":"2026-06-18T22:15:00.823","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Spares Management product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle Spares Management.  Successful attacks of this vulnerability can result in takeover of Oracle Spares Management. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Spares Management","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T14:17:25.070988Z","id":"CVE-2026-46928","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:spares_management:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"3E0981DE-7C0E-418C-A6BF-82E040BBCF4C"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46929","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:10.497","lastModified":"2026-06-18T22:15:15.097","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Cost Management product of Oracle E-Business Suite (component: Cost Planning).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Cost Management.  Successful attacks of this vulnerability can result in takeover of Oracle Cost Management. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Cost Management","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T14:15:50.613239Z","id":"CVE-2026-46929","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:cost_management:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"35C203B9-FEFF-4149-A549-E589F043EADF"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46930","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:10.613","lastModified":"2026-06-18T21:07:22.000","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle In-Memory Cost Management for Discrete Industries product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.12-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle In-Memory Cost Management for Discrete Industries.  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all Oracle In-Memory Cost Management for Discrete Industries accessible data as well as  unauthorized access to critical data or complete access to all Oracle In-Memory Cost Management for Discrete Industries accessible data. CVSS 3.1 Base Score 9.1 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle In-Memory Cost Management for Discrete Industries","versions":[{"version":"12.2.12","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T14:14:04.494603Z","id":"CVE-2026-46930","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:in-memory_cost_management_for_discrete_industries:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"35383BF7-25D9-45A8-94FB-2A14ADECB14D"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46933","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:12.843","lastModified":"2026-06-18T21:07:02.740","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applications Manager.  While the vulnerability is in Oracle Applications Manager, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in takeover of Oracle Applications Manager. CVSS 3.1 Base Score 9.9 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Applications Manager","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T17:53:55.314194Z","id":"CVE-2026-46933","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:applications_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"D1DC45ED-1A55-484A-985A-B53F6884684A"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46934","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:12.953","lastModified":"2026-06-18T20:52:18.493","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Complex Maintenance, Repair and Overhaul product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair and Overhaul.  Successful attacks of this vulnerability can result in takeover of Oracle Complex Maintenance, Repair and Overhaul. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Complex Maintenance, Repair and Overhaul","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T14:05:26.916950Z","id":"CVE-2026-46934","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:complex_maintenance_repair_and_overhaul:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"2F24E0CB-D6C8-45AB-9F79-7E53E23E3BB0"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46935","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:13.077","lastModified":"2026-06-18T20:52:36.813","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Complex Maintenance, Repair and Overhaul product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair and Overhaul.  Successful attacks of this vulnerability can result in takeover of Oracle Complex Maintenance, Repair and Overhaul. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Complex Maintenance, Repair and Overhaul","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T17:51:36.779298Z","id":"CVE-2026-46935","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:complex_maintenance_repair_and_overhaul:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"2F24E0CB-D6C8-45AB-9F79-7E53E23E3BB0"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46937","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:13.180","lastModified":"2026-06-18T21:06:49.653","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle iSetup product of Oracle E-Business Suite (component: General Ledger Update Transform, Reports).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle iSetup.  Successful attacks of this vulnerability can result in takeover of Oracle iSetup. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle iSetup","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T14:02:47.971941Z","id":"CVE-2026-46937","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:isetup:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"209C27EF-B61F-484C-A3D5-A3AAB0A8A51F"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46938","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:13.280","lastModified":"2026-06-18T21:06:38.987","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Cost Management product of Oracle E-Business Suite (component: Cost Planning).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Cost Management.  Successful attacks of this vulnerability can result in takeover of Oracle Cost Management. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Cost Management","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T14:09:00.545267Z","id":"CVE-2026-46938","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:cost_management:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"35C203B9-FEFF-4149-A549-E589F043EADF"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46939","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:13.393","lastModified":"2026-06-18T21:06:26.720","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Configure to Order product of Oracle E-Business Suite (component: Supply to Order Workbench).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Configure to Order.  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all Oracle Configure to Order accessible data as well as  unauthorized access to critical data or complete access to all Oracle Configure to Order accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Configure to Order","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T13:48:19.486541Z","id":"CVE-2026-46939","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:configure_to_order:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"B3A4DEE8-BEB0-4F43-BD9A-2E07F270EFCE"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46940","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:13.497","lastModified":"2026-06-18T21:04:33.477","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Cost Management product of Oracle E-Business Suite (component: Cost Planning).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Cost Management.  Successful attacks of this vulnerability can result in takeover of Oracle Cost Management. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Cost Management","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T13:45:25.337250Z","id":"CVE-2026-46940","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:cost_management:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"35C203B9-FEFF-4149-A549-E589F043EADF"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46942","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:13.597","lastModified":"2026-06-18T21:04:11.917","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Process Manufacturing Process Planning product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Process Manufacturing Process Planning.  Successful attacks of this vulnerability can result in takeover of Oracle Process Manufacturing Process Planning. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Process Manufacturing Process Planning","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T13:38:58.211451Z","id":"CVE-2026-46942","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:process_manufacturing_process_planning:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"5687E4A5-0B66-4C86-A2C3-56E185809453"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46944","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:13.700","lastModified":"2026-06-18T14:17:26.787","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle iSupport.  While the vulnerability is in Oracle iSupport, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in takeover of Oracle iSupport. CVSS 3.1 Base Score 9.1 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle iSupport","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T13:50:59.136429Z","id":"CVE-2026-46944","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:isupport:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndExcluding":"12.2.15","matchCriteriaId":"673C8E48-58B5-45AD-973E-62FCB1C72782"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46946","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:13.910","lastModified":"2026-06-18T19:16:23.120","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle iSupport.  While the vulnerability is in Oracle iSupport, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in takeover of Oracle iSupport. CVSS 3.1 Base Score 9.1 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle iSupport","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T17:49:13.249956Z","id":"CVE-2026-46946","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:isupport:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndExcluding":"12.2.15","matchCriteriaId":"673C8E48-58B5-45AD-973E-62FCB1C72782"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46951","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:14.320","lastModified":"2026-06-18T20:52:55.317","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Quality product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Quality.  Successful attacks of this vulnerability can result in takeover of Oracle Quality. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Quality","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T19:15:31.260442Z","id":"CVE-2026-46951","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:quality:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"178B80CD-96AB-43B2-9F1E-20651CBEDD39"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46952","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:14.430","lastModified":"2026-06-18T20:53:10.327","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Quality product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Quality.  Successful attacks of this vulnerability can result in takeover of Oracle Quality. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Quality","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T19:17:44.621385Z","id":"CVE-2026-46952","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:quality:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"178B80CD-96AB-43B2-9F1E-20651CBEDD39"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46953","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:14.533","lastModified":"2026-06-18T21:03:12.880","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle HRMS (UK) product of Oracle E-Business Suite (component: UK Payroll).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle HRMS (UK).  Successful attacks of this vulnerability can result in takeover of Oracle HRMS (UK). CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle HRMS (UK)","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T19:07:12.291654Z","id":"CVE-2026-46953","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:human_resources_management_system:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"3DC8B432-BBEA-4FB8-9B17-F768AA765A84"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46955","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:14.637","lastModified":"2026-06-18T20:58:26.793","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Human Resources product of Oracle E-Business Suite (component: Person).  Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Human Resources.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle Human Resources. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Human Resources","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T18:33:18.360804Z","id":"CVE-2026-46955","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"},{"lang":"en","value":"CWE-352"},{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:human_resources:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"747453C2-D7CE-4546-A815-E1DAA5CB6261"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46956","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:14.743","lastModified":"2026-06-18T20:58:08.027","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Property Manager product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Property Manager.  Successful attacks of this vulnerability can result in takeover of Oracle Property Manager. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Property Manager","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T18:37:33.011383Z","id":"CVE-2026-46956","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:property_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"D1D18D2B-08B9-440E-BA6E-E44B8DBC7390"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46957","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:14.843","lastModified":"2026-06-18T20:57:46.447","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle iSupplier Portal.  Successful attacks of this vulnerability can result in takeover of Oracle iSupplier Portal. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle iSupplier Portal","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T19:09:37.582164Z","id":"CVE-2026-46957","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:isupplier_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"47ED2BA9-41D7-477D-9BCB-D75147A02208"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46958","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:14.950","lastModified":"2026-06-18T22:17:48.640","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Subledger Accounting product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Subledger Accounting.  Successful attacks of this vulnerability can result in takeover of Oracle Subledger Accounting. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Subledger Accounting","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T13:41:42.754386Z","id":"CVE-2026-46958","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:subledger_accounting:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"19F867FF-0A41-4A68-952E-689EC4408CDD"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46959","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:15.053","lastModified":"2026-06-18T22:18:03.840","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Subledger Accounting product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Subledger Accounting.  Successful attacks of this vulnerability can result in takeover of Oracle Subledger Accounting. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Subledger Accounting","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T19:12:20.811972Z","id":"CVE-2026-46959","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:subledger_accounting:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"19F867FF-0A41-4A68-952E-689EC4408CDD"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46960","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:15.157","lastModified":"2026-06-18T22:18:20.400","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Project Portfolio Analysis product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Project Portfolio Analysis.  Successful attacks of this vulnerability can result in takeover of Oracle Project Portfolio Analysis. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Project Portfolio Analysis","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T18:11:25.751841Z","id":"CVE-2026-46960","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:project_portfolio_analysis:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"B67CB1F0-D023-4FE3-96F3-200384B43C45"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46961","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:15.260","lastModified":"2026-06-18T22:19:08.197","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Project Portfolio Analysis product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Project Portfolio Analysis.  Successful attacks of this vulnerability can result in takeover of Oracle Project Portfolio Analysis. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Project Portfolio Analysis","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T18:24:06.299081Z","id":"CVE-2026-46961","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:project_portfolio_analysis:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"B67CB1F0-D023-4FE3-96F3-200384B43C45"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46962","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:15.360","lastModified":"2026-06-18T22:19:21.040","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Project Portfolio Analysis product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Project Portfolio Analysis.  Successful attacks of this vulnerability can result in takeover of Oracle Project Portfolio Analysis. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Project Portfolio Analysis","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T18:09:14.602818Z","id":"CVE-2026-46962","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:project_portfolio_analysis:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"B67CB1F0-D023-4FE3-96F3-200384B43C45"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46963","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:15.460","lastModified":"2026-06-18T22:19:46.887","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Universal Work Queue.  While the vulnerability is in Oracle Universal Work Queue, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in takeover of Oracle Universal Work Queue. CVSS 3.1 Base Score 9.9 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Universal Work Queue","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T18:13:36.620394Z","id":"CVE-2026-46963","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:universal_work_queue:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"8204CF3B-5ADA-4D25-BCE5-E97CB5A710DB"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46964","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:15.567","lastModified":"2026-06-18T22:20:21.350","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Universal Work Queue.  While the vulnerability is in Oracle Universal Work Queue, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in takeover of Oracle Universal Work Queue. CVSS 3.1 Base Score 9.9 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Universal Work Queue","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T17:40:23.531789Z","id":"CVE-2026-46964","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:universal_work_queue:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"8204CF3B-5ADA-4D25-BCE5-E97CB5A710DB"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46965","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:15.673","lastModified":"2026-06-18T22:20:33.020","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Universal Work Queue.  Successful attacks of this vulnerability can result in takeover of Oracle Universal Work Queue. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Universal Work Queue","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T17:30:52.010510Z","id":"CVE-2026-46965","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:universal_work_queue:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"8204CF3B-5ADA-4D25-BCE5-E97CB5A710DB"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46966","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:15.773","lastModified":"2026-06-18T22:20:46.933","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration).  Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Universal Work Queue.  Successful attacks of this vulnerability can result in takeover of Oracle Universal Work Queue. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Universal Work Queue","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T17:27:56.743983Z","id":"CVE-2026-46966","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:universal_work_queue:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"8204CF3B-5ADA-4D25-BCE5-E97CB5A710DB"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46967","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:15.873","lastModified":"2026-06-18T21:08:09.153","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Public Sector Financials (International) product of Oracle E-Business Suite (component: Authorization).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Public Sector Financials (International).  Successful attacks of this vulnerability can result in takeover of Oracle Public Sector Financials (International). CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Public Sector Financials (International)","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T17:36:29.213115Z","id":"CVE-2026-46967","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:public_sector_financials:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"EEDA6543-E442-45E9-BC2E-318284AA13A2"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46969","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:15.980","lastModified":"2026-06-18T21:08:52.690","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Financials for EMEA product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Financials for EMEA.  Successful attacks of this vulnerability can result in takeover of Oracle Financials for EMEA. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Financials for EMEA","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T17:15:52.973912Z","id":"CVE-2026-46969","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financials_for_emea:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"91369317-01D4-46D0-914F-E078356DA8D4"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46970","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:16.083","lastModified":"2026-06-18T22:21:04.700","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle HR Intelligence product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle HR Intelligence.  Successful attacks of this vulnerability can result in takeover of Oracle HR Intelligence. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle HR Intelligence","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T15:55:22.952620Z","id":"CVE-2026-46970","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:hr_intelligence:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"60D58752-9708-4644-87E6-45D002BEC6D4"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46972","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:16.287","lastModified":"2026-06-18T21:10:32.320","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Outsourced Mfg for Discrete Industries product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Outsourced Mfg for Discrete Industries.  Successful attacks of this vulnerability can result in takeover of Oracle Outsourced Mfg for Discrete Industries. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Outsourced Mfg for Discrete Industries","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T15:50:31.199890Z","id":"CVE-2026-46972","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:outsourced_manufacturing_for_discrete_industries:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"2CE73D9A-D00A-4D85-8B85-13BE61391A15"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46973","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:16.390","lastModified":"2026-06-18T21:11:15.567","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Outsourced Mfg for Discrete Industries product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Outsourced Mfg for Discrete Industries.  Successful attacks of this vulnerability can result in takeover of Oracle Outsourced Mfg for Discrete Industries. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Outsourced Mfg for Discrete Industries","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T18:19:37.620970Z","id":"CVE-2026-46973","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:outsourced_manufacturing_for_discrete_industries:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"2CE73D9A-D00A-4D85-8B85-13BE61391A15"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46974","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:16.493","lastModified":"2026-06-18T13:48:51.310","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).   The supported version that is affected is 7.2.8. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle VM VirtualBox","versions":[{"version":"7.2.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-46974","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:vm_virtualbox:7.2.8:*:*:*:*:*:*:*","matchCriteriaId":"9BE74221-0362-4A4B-8D5A-2E89E526EAB4"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46976","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:16.597","lastModified":"2026-06-18T21:11:30.913","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Public Sector Payroll product of Oracle E-Business Suite (component: Internal Operations).  Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Public Sector Payroll.  Successful attacks of this vulnerability can result in takeover of Oracle Public Sector Payroll. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle Public Sector Payroll","versions":[{"version":"12.2.3","lessThanOrEqual":"12.2.15","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T15:42:04.644702Z","id":"CVE-2026-46976","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:public_sector_payroll:*:*:*:*:*:*:*:*","versionStartIncluding":"12.2.3","versionEndIncluding":"12.2.15","matchCriteriaId":"5E8A9E5E-6675-4306-BDC0-BE838C0C6FE8"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46977","sourceIdentifier":"secalert_us@oracle.com","published":"2026-06-17T10:54:16.700","lastModified":"2026-06-18T13:48:25.637","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: VMSVGA device).   The supported version that is affected is 7.2.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 3.2 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N)."}],"affected":[{"source":"secalert_us@oracle.com","affectedData":[{"vendor":"Oracle Corporation","product":"Oracle VM VirtualBox","versions":[{"version":"7.2.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N","baseScore":3.2,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.5,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T15:39:21.780317Z","id":"CVE-2026-46977","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:vm_virtualbox:7.2.8:*:*:*:*:*:*:*","matchCriteriaId":"9BE74221-0362-4A4B-8D5A-2E89E526EAB4"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cspujun2026.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-11409","sourceIdentifier":"f23511db-6c3e-4e32-a477-6aa17d310630","published":"2026-06-17T13:19:33.187","lastModified":"2026-06-18T18:50:34.637","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An authenticated OS command injection vulnerability exists in the IPv6 PPPoE configuration handler in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges."}],"affected":[{"source":"f23511db-6c3e-4e32-a477-6aa17d310630","affectedData":[{"vendor":"TP-Link Systems Inc.","product":"TL-WR940N v6","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V6_260528","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f23511db-6c3e-4e32-a477-6aa17d310630","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-11409","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f23511db-6c3e-4e32-a477-6aa17d310630","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wr940n_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"260528","matchCriteriaId":"2E4DC152-9198-4DAE-8170-8EC3CEB21CE9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wr940n:v6:*:*:*:*:*:*:*","matchCriteriaId":"714E7A62-634A-4DF8-B5AF-D6B306808B54"}]}]}],"references":[{"url":"https://www.tp-link.com/en/support/download/tl-wr940n/v6/#Firmware","source":"f23511db-6c3e-4e32-a477-6aa17d310630","tags":["Product"]},{"url":"https://www.tp-link.com/us/support/download/tl-wr940n/v6/#Firmware","source":"f23511db-6c3e-4e32-a477-6aa17d310630","tags":["Product"]},{"url":"https://www.tp-link.com/us/support/faq/5131/","source":"f23511db-6c3e-4e32-a477-6aa17d310630","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-11410","sourceIdentifier":"f23511db-6c3e-4e32-a477-6aa17d310630","published":"2026-06-17T13:19:33.340","lastModified":"2026-06-18T18:50:42.667","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An authenticated OS command injection vulnerability exists in the BigPond Cable (BPA) WAN configuration module in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges."}],"affected":[{"source":"f23511db-6c3e-4e32-a477-6aa17d310630","affectedData":[{"vendor":"TP-Link Systems Inc.","product":"TL-WR940N v6","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"V6_260528","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f23511db-6c3e-4e32-a477-6aa17d310630","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-11410","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f23511db-6c3e-4e32-a477-6aa17d310630","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wr940n_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"260528","matchCriteriaId":"2E4DC152-9198-4DAE-8170-8EC3CEB21CE9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wr940n:-:*:*:*:*:*:*:*","matchCriteriaId":"93A1F9B1-C0C1-4FCC-AFD3-936E74ED6EA4"}]}]}],"references":[{"url":"https://www.tp-link.com/en/support/download/tl-wr940n/v6/#Firmware","source":"f23511db-6c3e-4e32-a477-6aa17d310630","tags":["Product"]},{"url":"https://www.tp-link.com/us/support/download/tl-wr940n/v6/#Firmware","source":"f23511db-6c3e-4e32-a477-6aa17d310630","tags":["Product"]},{"url":"https://www.tp-link.com/us/support/faq/5131/","source":"f23511db-6c3e-4e32-a477-6aa17d310630","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12437","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-06-17T13:19:58.863","lastModified":"2026-06-18T13:47:47.770","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in WebShare in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"149.0.7827.155","lessThan":"149.0.7827.155","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-12437","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"149.0.7827.155","matchCriteriaId":"AB45CEFD-10D5-4278-B9AA-FA37CC450864"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01750511403.html","source":"chrome-cve-admin@google.com","tags":["Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/516496659","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-12438","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-06-17T13:19:58.980","lastModified":"2026-06-18T13:47:39.107","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"149.0.7827.155","lessThan":"149.0.7827.155","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-12438","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-693"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"149.0.7827.155","matchCriteriaId":"AB45CEFD-10D5-4278-B9AA-FA37CC450864"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","matchCriteriaId":"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01750511403.html","source":"chrome-cve-admin@google.com","tags":["Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/516947912","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-12439","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-06-17T13:19:59.080","lastModified":"2026-06-18T13:47:29.730","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Digital Credentials in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"149.0.7827.155","lessThan":"149.0.7827.155","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-12439","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"149.0.7827.155","matchCriteriaId":"AB45CEFD-10D5-4278-B9AA-FA37CC450864"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01750511403.html","source":"chrome-cve-admin@google.com","tags":["Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/519728275","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-12440","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-06-17T13:19:59.187","lastModified":"2026-06-18T13:47:22.913","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in DigitalCredentials in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"149.0.7827.155","lessThan":"149.0.7827.155","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-12440","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"149.0.7827.155","matchCriteriaId":"AB45CEFD-10D5-4278-B9AA-FA37CC450864"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01750511403.html","source":"chrome-cve-admin@google.com","tags":["Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/519731619","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-12441","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-06-17T13:19:59.293","lastModified":"2026-06-18T13:47:13.653","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in File Input in Google Chrome on Linux prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"149.0.7827.155","lessThan":"149.0.7827.155","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-12441","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"149.0.7827.155","matchCriteriaId":"AB45CEFD-10D5-4278-B9AA-FA37CC450864"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01750511403.html","source":"chrome-cve-admin@google.com","tags":["Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/520157118","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-12442","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-06-17T13:19:59.410","lastModified":"2026-06-18T13:46:17.917","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Passwords in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"149.0.7827.155","lessThan":"149.0.7827.155","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-12442","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"149.0.7827.155","matchCriteriaId":"AB45CEFD-10D5-4278-B9AA-FA37CC450864"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","matchCriteriaId":"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01750511403.html","source":"chrome-cve-admin@google.com","tags":["Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/521950423","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-12443","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-06-17T13:19:59.520","lastModified":"2026-06-18T13:46:08.443","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Web Authentication in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"149.0.7827.155","lessThan":"149.0.7827.155","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-12443","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"149.0.7827.155","matchCriteriaId":"AB45CEFD-10D5-4278-B9AA-FA37CC450864"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01750511403.html","source":"chrome-cve-admin@google.com","tags":["Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/522566295","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-12444","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-06-17T13:19:59.627","lastModified":"2026-06-18T13:47:06.400","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Out of bounds read in Chromoting in Google Chrome on Windows prior to 149.0.7827.155 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. (Chromium security severity: High)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"149.0.7827.155","lessThan":"149.0.7827.155","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T10:54:14.668910Z","id":"CVE-2026-12444","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"149.0.7827.155","matchCriteriaId":"AB45CEFD-10D5-4278-B9AA-FA37CC450864"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01750511403.html","source":"chrome-cve-admin@google.com","tags":["Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/513160088","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-12445","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-06-17T13:19:59.803","lastModified":"2026-06-18T13:46:58.487","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"149.0.7827.155","lessThan":"149.0.7827.155","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-12445","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"149.0.7827.155","matchCriteriaId":"AB45CEFD-10D5-4278-B9AA-FA37CC450864"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01750511403.html","source":"chrome-cve-admin@google.com","tags":["Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/513199795","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-12446","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-06-17T13:19:59.907","lastModified":"2026-06-18T13:46:49.697","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"149.0.7827.155","lessThan":"149.0.7827.155","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T10:53:35.806104Z","id":"CVE-2026-12446","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"149.0.7827.155","matchCriteriaId":"AB45CEFD-10D5-4278-B9AA-FA37CC450864"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01750511403.html","source":"chrome-cve-admin@google.com","tags":["Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/513313107","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-12447","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-06-17T13:20:00.070","lastModified":"2026-06-18T13:45:59.650","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Heap buffer overflow in WebRTC in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"149.0.7827.155","lessThan":"149.0.7827.155","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-12447","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"149.0.7827.155","matchCriteriaId":"AB45CEFD-10D5-4278-B9AA-FA37CC450864"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01750511403.html","source":"chrome-cve-admin@google.com","tags":["Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/513405023","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-12448","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-06-17T13:20:00.180","lastModified":"2026-06-18T13:45:27.543","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: High)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"149.0.7827.155","lessThan":"149.0.7827.155","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-12448","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"149.0.7827.155","matchCriteriaId":"AB45CEFD-10D5-4278-B9AA-FA37CC450864"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","matchCriteriaId":"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01750511403.html","source":"chrome-cve-admin@google.com","tags":["Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/513458233","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-12449","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-06-17T13:20:00.277","lastModified":"2026-06-18T13:45:17.380","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Chromoting in Google Chrome on Windows prior to 149.0.7827.155 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: High)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"149.0.7827.155","lessThan":"149.0.7827.155","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-12449","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"149.0.7827.155","matchCriteriaId":"AB45CEFD-10D5-4278-B9AA-FA37CC450864"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01750511403.html","source":"chrome-cve-admin@google.com","tags":["Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/513480539","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-12452","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-06-17T13:20:00.670","lastModified":"2026-06-18T13:45:00.437","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Downloads in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"149.0.7827.155","lessThan":"149.0.7827.155","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-12452","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"149.0.7827.155","matchCriteriaId":"AB45CEFD-10D5-4278-B9AA-FA37CC450864"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","matchCriteriaId":"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01750511403.html","source":"chrome-cve-admin@google.com","tags":["Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/515462244","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-12454","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-06-17T13:20:00.953","lastModified":"2026-06-18T13:44:34.877","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Race in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"149.0.7827.155","lessThan":"149.0.7827.155","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-12454","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-362"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"149.0.7827.155","matchCriteriaId":"AB45CEFD-10D5-4278-B9AA-FA37CC450864"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01750511403.html","source":"chrome-cve-admin@google.com","tags":["Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/516926968","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-12461","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-06-17T13:20:03.127","lastModified":"2026-06-18T13:44:21.133","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Out of bounds read in WebRTC in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"149.0.7827.155","lessThan":"149.0.7827.155","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T10:49:04.454130Z","id":"CVE-2026-12461","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"149.0.7827.155","matchCriteriaId":"AB45CEFD-10D5-4278-B9AA-FA37CC450864"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01750511403.html","source":"chrome-cve-admin@google.com","tags":["Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/517727318","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-12463","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-06-17T13:20:03.487","lastModified":"2026-06-18T13:44:09.760","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Inappropriate implementation in Views in Google Chrome on Linux prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: High)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"149.0.7827.155","lessThan":"149.0.7827.155","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T13:17:18.327527Z","id":"CVE-2026-12463","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"149.0.7827.155","matchCriteriaId":"AB45CEFD-10D5-4278-B9AA-FA37CC450864"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01750511403.html","source":"chrome-cve-admin@google.com","tags":["Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/518042749","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-12466","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-06-17T13:20:03.843","lastModified":"2026-06-18T13:43:57.843","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Heap buffer overflow in WebRTC in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"149.0.7827.155","lessThan":"149.0.7827.155","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-12466","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"149.0.7827.155","matchCriteriaId":"AB45CEFD-10D5-4278-B9AA-FA37CC450864"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01750511403.html","source":"chrome-cve-admin@google.com","tags":["Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/520199394","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-12468","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-06-17T13:20:04.070","lastModified":"2026-06-18T13:43:48.940","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Race in Updater in Google Chrome on Mac prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"149.0.7827.155","lessThan":"149.0.7827.155","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-12468","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-362"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"149.0.7827.155","matchCriteriaId":"AB45CEFD-10D5-4278-B9AA-FA37CC450864"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01750511403.html","source":"chrome-cve-admin@google.com","tags":["Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/521485244","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-12469","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-06-17T13:20:04.163","lastModified":"2026-06-18T13:43:38.720","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Uninitialized Use in GPU in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"149.0.7827.155","lessThan":"149.0.7827.155","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T10:58:22.552410Z","id":"CVE-2026-12469","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Primary","description":[{"lang":"en","value":"CWE-457"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"149.0.7827.155","matchCriteriaId":"AB45CEFD-10D5-4278-B9AA-FA37CC450864"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","matchCriteriaId":"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01750511403.html","source":"chrome-cve-admin@google.com","tags":["Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/521618871","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-44587","sourceIdentifier":"security-advisories@github.com","published":"2026-06-17T13:20:40.703","lastModified":"2026-06-18T15:24:29.620","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"CarrierWave is a framework to upload files from Ruby applications. In versions prior to 2.2.7 and 3.1.3, the content_type_denylist check fails to escape regex metacharacters in string entries, causing the denylist to silently not match the content types it is intended to block. In lib/carrierwave/uploader/content_type_denylist.rb:57, denylist entries are interpolated directly into a regex without Regexp.quote or anchoring, so an entry such as image/svg+xml becomes the pattern /image\\/svg+xml/, in which + is treated as a quantifier rather than a literal character and therefore never matches the real MIME type image/svg+xml. This is inconsistent with the allowlist implementation, which correctly applies both Regexp.quote and a \\A anchor. Other content types containing regex metacharacters, such as application/xhtml+xml, are affected as well. As a result, any application that relies on content_type_denylist to block image/svg+xml, most commonly to prevent stored XSS, is silently unprotected. An attacker can upload an SVG file containing arbitrary JavaScript; if the application serves that SVG inline from its own origin, the script executes in the victim's browser, resulting in stored XSS. This issue has been fixed in versions 2.2.7 and 3.1.3."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"carrierwaveuploader","product":"carrierwave","versions":[{"version":"< 2.2.7","status":"affected"},{"version":">= 3.0.0.rc, < 3.1.3","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T18:06:48.640514Z","id":"CVE-2026-44587","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"},{"lang":"en","value":"CWE-184"},{"lang":"en","value":"CWE-625"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:carrierwave_project:carrierwave:*:*:*:*:*:ruby:*:*","versionEndExcluding":"2.2.7","matchCriteriaId":"668CFF1A-82AC-4AD7-B3AA-EA7771B0F1C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:carrierwave_project:carrierwave:*:*:*:*:*:ruby:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.1.3","matchCriteriaId":"BA022DA2-E783-4FDD-A120-9B022C4D3461"}]}]}],"references":[{"url":"https://github.com/carrierwaveuploader/carrierwave/commit/21221cc6e260633f7da78c6133a88666a5529d27","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/carrierwaveuploader/carrierwave/commit/4c4a005775a436c5165df014dc9b1874c227d86c","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-7g26-2qgj-chfg","source":"security-advisories@github.com","tags":["Vendor Advisory","Exploit"]},{"url":"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-7g26-2qgj-chfg","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Vendor Advisory","Exploit"]}]}},{"cve":{"id":"CVE-2026-48616","sourceIdentifier":"support@hackerone.com","published":"2026-06-17T13:20:42.600","lastModified":"2026-06-18T19:05:05.727","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Rocket.Chat versions <8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, 7.13.9, 7.10.13 has an access control vulnerability in Livechat files. Protected file downloads at /file-upload/:fileId/:name authorize livechat access using rc_room_type=l with rc_rid+rc_token, but the authorization path does not verify that rc_rid matches the requested file's rid. Furthermore, :fileId is predictable via sequential MongoDB IDs, and :name can be anything, allowing unauthenticated discovery of all uploaded files."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Rocket.Chat","product":"Rocket.Chat","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.5.1","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.4.4","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.6","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.2.6","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.1.6","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.0.7","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.9","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.10.13","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV30":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T15:01:32.537175Z","id":"CVE-2026-48616","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*","versionEndExcluding":"7.10.13","matchCriteriaId":"848AE1B8-5E16-4848-8C1B-51EF8676EDE5"},{"vulnerable":true,"criteria":"cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*","versionStartIncluding":"7.13.0","versionEndExcluding":"7.13.9","matchCriteriaId":"433D60B1-F51D-4F4C-8628-332A27CC7009"},{"vulnerable":true,"criteria":"cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0","versionEndExcluding":"8.0.7","matchCriteriaId":"1D9D3B12-AE81-4FBD-AD25-5F97380FBA5B"},{"vulnerable":true,"criteria":"cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*","versionStartIncluding":"8.1.0","versionEndExcluding":"8.1.6","matchCriteriaId":"0803F4B6-31AA-476F-831C-71DBF8A48F2D"},{"vulnerable":true,"criteria":"cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*","versionStartIncluding":"8.2.0","versionEndExcluding":"8.2.6","matchCriteriaId":"B013E425-EA3E-4802-838D-04DAC0CC8BF2"},{"vulnerable":true,"criteria":"cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*","versionStartIncluding":"8.3.0","versionEndExcluding":"8.3.6","matchCriteriaId":"BF7B1B1C-AE07-4658-901E-0F412B0E3E31"},{"vulnerable":true,"criteria":"cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0","versionEndExcluding":"8.4.4","matchCriteriaId":"932324CF-CA75-42AE-A449-B9B3726EC187"},{"vulnerable":true,"criteria":"cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*","versionStartIncluding":"8.5.0","versionEndExcluding":"8.5.1","matchCriteriaId":"9DD0F18A-6E6E-4BEF-B72F-ED1A23E9BA66"}]}]}],"references":[{"url":"https://github.com/RocketChat/Rocket.Chat/pull/40889","source":"support@hackerone.com","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://hackerone.com/reports/3687142","source":"support@hackerone.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-48781","sourceIdentifier":"security-advisories@github.com","published":"2026-06-17T13:20:43.060","lastModified":"2026-06-18T16:16:55.310","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Postiz is an AI social media scheduling tool. In versions prior to 2.21.8, the Skool integration callback signed an attacker-controlled JSON blob into a session-shape JWT using the application's JWT_SECRET, and the auth middleware trusted every claim in that JWT without re-resolving the user from the database. Any authenticated Postiz user could forge a SUPERADMIN session and impersonate arbitrary organizations. This allowed Full Access to the following: all parts of Postiz, including users registered to the specific instance and the ability to post in the name of the victim's social media channels added to that Postiz instance. This issue has been fixed in version 2.21.8."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"gitroomhq","product":"postiz-app","versions":[{"version":"< 2.21.8","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T14:25:47.270443Z","id":"CVE-2026-48781","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-302"},{"lang":"en","value":"CWE-345"},{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"http://github.com/gitroomhq/postiz-app/releases/tag/v2.21.8","source":"security-advisories@github.com"},{"url":"https://gadvisory.org/advisories/PSA-2026-2CAQ96","source":"security-advisories@github.com"},{"url":"https://github.com/gitroomhq/postiz-app/commit/23696d2973510ae1f3f48bfa41a6bfbbf9827b05","source":"security-advisories@github.com"},{"url":"https://github.com/gitroomhq/postiz-app/security/advisories/GHSA-j77w-h625-56q2","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-48797","sourceIdentifier":"security-advisories@github.com","published":"2026-06-17T13:20:43.633","lastModified":"2026-06-18T16:16:55.427","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Backpropagate is a Python library for fine-tuning large language models on a single GPU. In versions 1.1.0 and 1.1.1, the optional Reflex web UI exposes a training control plane without authentication: dataset upload, model load, training start/stop, multi-run orchestration, GGUF export, and HuggingFace Hub push. The CLI accepts two operator-facing flags intended as security controls: --auth user:pass — documented as \"require HTTP Basic authentication on every request to the UI.\" and--share — documented as \"expose the UI on a public address; requires --auth.\" When --auth user:pass is passed, the CLI prints Auth: enabled (user: <username>) to confirm to the operator that authentication is active, then exports BACKPROPAGATE_UI_AUTH=user:pass to the subprocess that launches the Reflex backend. The Reflex backend (backpropagate/ui_app/**) never reads BACKPROPAGATE_UI_AUTH. No authentication middleware is registered. No request-level guard runs. No WebSocket upgrade guard runs. Any client that reaches the bound port — local or remote, depending on whether --share is used — has full UI access. An inline comment at backpropagate/cli.py:1217-1218 in the v1.1.0 source documents the gap: \"For Phase 1 the variable is exported but Reflex doesn't read it yet.\" This comment was internal-facing; the user-facing documentation (README, CHANGELOG, SHIP_GATE) advertised the contract as enforced. An attacker who reaches the bound port can read uploaded datasets, trigger arbitrary training runs against any local base models as well as read their paths, trigger HuggingFace Hub pushes and cause disk-fill DoS. This issue has been fixed in version 1.2.0. If developers cannot immediately upgrade to 1.2.0 run backprop ui with no flags so it binds to localhost, use SSH port-forwarding (ssh -L 7860:localhost:7860 <training-host>) instead of --share for remote access, and audit any host previously launched with --share, re-issuing any HF tokens used during those sessions."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"mcp-tool-shop-org","product":"backpropagate","versions":[{"version":">= 1.1.0, < 1.2.0","status":"affected"}]},{"vendor":"mcp-tool-shop-org","product":"@mcptoolshop/backpropagate","versions":[{"version":">= 1.1.0, < 1.2.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T14:28:28.094901Z","id":"CVE-2026-48797","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-358"},{"lang":"en","value":"CWE-862"},{"lang":"en","value":"CWE-1295"}]}],"references":[{"url":"https://github.com/mcp-tool-shop-org/backpropagate/releases/tag/v1.2.0","source":"security-advisories@github.com"},{"url":"https://github.com/mcp-tool-shop-org/backpropagate/security/advisories/GHSA-f65r-h4g3-3h9h","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-48929","sourceIdentifier":"support@hackerone.com","published":"2026-06-17T13:20:44.550","lastModified":"2026-06-18T19:04:10.583","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Rocket.Chat in versions <8.5.1, <8.4.4, <8.3.6, <8.2.6, <8.1.6, <8.0.7, <7.13.9, and <7.10.13 is vulnerable to unauthenticated file deletion. The deleteFileMessage Meteor method permanently deletes any uploaded file by ID without requiring authentication. When called via an unauthenticated DDP WebSocket connection, Meteor.userId() returns null, causing the authorization check to be skipped. Execution falls through to FileUpload.getStore('Uploads').deleteById(fileID), which removes the file from storage and database unconditionally. File IDs are discoverable from public channel message payloads and download URLs."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Rocket.Chat","product":"Rocket.Chat","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.5.1","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.4.4","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.6","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.2.6","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.1.6","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.0.7","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.9","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.10.13","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV30":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T15:02:38.629156Z","id":"CVE-2026-48929","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*","versionEndExcluding":"7.10.13","matchCriteriaId":"848AE1B8-5E16-4848-8C1B-51EF8676EDE5"},{"vulnerable":true,"criteria":"cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*","versionStartIncluding":"7.13.0","versionEndExcluding":"7.13.9","matchCriteriaId":"433D60B1-F51D-4F4C-8628-332A27CC7009"},{"vulnerable":true,"criteria":"cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0","versionEndExcluding":"8.0.7","matchCriteriaId":"1D9D3B12-AE81-4FBD-AD25-5F97380FBA5B"},{"vulnerable":true,"criteria":"cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*","versionStartIncluding":"8.1.0","versionEndExcluding":"8.1.6","matchCriteriaId":"0803F4B6-31AA-476F-831C-71DBF8A48F2D"},{"vulnerable":true,"criteria":"cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*","versionStartIncluding":"8.2.0","versionEndExcluding":"8.2.6","matchCriteriaId":"B013E425-EA3E-4802-838D-04DAC0CC8BF2"},{"vulnerable":true,"criteria":"cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*","versionStartIncluding":"8.3.0","versionEndExcluding":"8.3.6","matchCriteriaId":"BF7B1B1C-AE07-4658-901E-0F412B0E3E31"},{"vulnerable":true,"criteria":"cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0","versionEndExcluding":"8.4.4","matchCriteriaId":"932324CF-CA75-42AE-A449-B9B3726EC187"},{"vulnerable":true,"criteria":"cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*","versionStartIncluding":"8.5.0","versionEndExcluding":"8.5.1","matchCriteriaId":"9DD0F18A-6E6E-4BEF-B72F-ED1A23E9BA66"}]}]}],"references":[{"url":"https://github.com/RocketChat/Rocket.Chat/pull/40889/","source":"support@hackerone.com","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://hackerone.com/reports/3611837","source":"support@hackerone.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-49268","sourceIdentifier":"security@apache.org","published":"2026-06-17T14:17:56.903","lastModified":"2026-06-18T14:45:04.303","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A remote attacker can inject LDAP special characters into the Distinguished Name (DN) construction in DefaultLdapRealm class. User-supplied username input is directly concatenated into the LDAP DN template without any escaping of RFC 2253 special characters. This allows an attacker to manipulate the DN structure used for LDAP bind authentication, potentially bypassing authentication or impersonating other users.\n\nThis issue affects all Apache Shiro versions through 2.2.0, and 3.0.0-alpha-1 when using DefaultLdapRealm\nUpgrade to Apache Shiro 2.2.1 or 3.0.0-alpha-2 or later, which fixes the issue."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Shiro","defaultStatus":"unaffected","collectionURL":"https://repo.maven.apache.org/maven2","packageName":"org.apache.shiro:shiro-core","versions":[{"version":"0","lessThanOrEqual":"2.2.0","versionType":"semver","status":"affected"},{"version":"3.0.0-alpha-0","lessThanOrEqual":"3.0.0-alpha-1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@apache.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:Y/R:A/V:X/RE:L/U:Red","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"PRESENT","Automatable":"YES","Recovery":"AUTOMATIC","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"LOW","providerUrgency":"RED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T15:02:25.313149Z","id":"CVE-2026-49268","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-90"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:shiro:*:*:*:*:*:*:*:*","versionEndExcluding":"2.2.1","matchCriteriaId":"0334436B-3B01-4618-8F44-5EB68F3952B8"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:shiro:3.0.0:alpha1:*:*:*:*:*:*","matchCriteriaId":"C79C762D-108B-4C23-BEAF-0115D43D83BD"}]}]}],"references":[{"url":"https://lists.apache.org/thread/svszql3od8td7hn6conyj2oq70v53b5s","source":"security@apache.org","tags":["Mailing List","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/06/17/8","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-9591","sourceIdentifier":"596c5446-0ce5-4ba2-aa66-48b3b757a647","published":"2026-06-17T14:18:00.227","lastModified":"2026-06-18T14:17:37.250","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site request forgery (CSRF) in NewsItemApiController in SimplCommerce prior to commit 6233d73e allows an unauthenticated remote attacker to create or modify news items as an administrator via a crafted form submitted to `/api/news-items`, due to missing anti-CSRF protection."}],"affected":[{"source":"596c5446-0ce5-4ba2-aa66-48b3b757a647","affectedData":[{"vendor":"simplcommerce","product":"SimplCommerce","defaultStatus":"affected","repo":"https://github.com/simplcommerce/SimplCommerce","versions":[{"version":"0","lessThan":"6233d73e","versionType":"git","status":"affected","changes":[{"at":"6233d73e","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV40":[{"source":"596c5446-0ce5-4ba2-aa66-48b3b757a647","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T15:01:59.128635Z","id":"CVE-2026-9591","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"596c5446-0ce5-4ba2-aa66-48b3b757a647","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]}],"references":[{"url":"https://github.com/simplcommerce/SimplCommerce/commit/6233d73e134c887fc3f3308d20710bec096d45e3","source":"596c5446-0ce5-4ba2-aa66-48b3b757a647"},{"url":"https://github.com/simplcommerce/SimplCommerce/pull/1150","source":"596c5446-0ce5-4ba2-aa66-48b3b757a647"}]}},{"cve":{"id":"CVE-2025-71322","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-17T17:16:40.980","lastModified":"2026-06-18T17:16:27.403","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"PickleScan before 0.0.33 fails to include the pty.spawn function in its unsafe globals list, allowing attackers to bypass security checks. Malicious actors can craft pickle payloads using pty.spawn to achieve arbitrary code execution when files are processed by PickleScan."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"PickleScan","product":"PickleScan","defaultStatus":"unaffected","packageURL":"pkg:pypi/picklescan","versions":[{"version":"0","lessThan":"0.0.33","versionType":"semver","status":"affected"},{"version":"0.0.33","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T15:17:59.576526Z","id":"CVE-2025-71322","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-693"}]}],"references":[{"url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-hgrh-qx5j-jfwx","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/picklescan-unsafe-globals-check-bypass-via-pty-spawn-function","source":"disclosure@vulncheck.com"},{"url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-hgrh-qx5j-jfwx","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-3490","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-17T17:16:50.727","lastModified":"2026-06-18T17:16:30.627","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"picklescan before 1.0.4 fails to block pkgutil.resolve_name, allowing attackers to bypass the entire blocklist by resolving any dangerous function through indirect REDUCE calls. Remote attackers can invoke any blocked function such as os.system, builtins.exec, or subprocess.call to achieve remote code execution."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"picklescan","product":"picklescan","defaultStatus":"unaffected","packageURL":"pkg:pypi/picklescan","versions":[{"version":"0","lessThan":"1.0.4","versionType":"semver","status":"affected"},{"version":"1.0.4","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T15:20:40.069385Z","id":"CVE-2026-3490","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-183"}]}],"references":[{"url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-vvpj-8cmc-gx39","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/picklescan-universal-blocklist-bypass-via-pkgutil-resolve-name","source":"disclosure@vulncheck.com"},{"url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-vvpj-8cmc-gx39","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-53869","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-17T19:18:10.743","lastModified":"2026-06-18T17:16:32.407","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Hermes Agent before 0.16.0 contains a DNS rebinding vulnerability in WebSocket endpoints that allows remote attackers to bypass Host and Origin validation. FastAPI HTTP middleware does not execute for WebSocket upgrade requests on /api/pty, /api/ws, /api/pub, and /api/events endpoints, enabling attackers to exploit DNS rebinding and inject malicious commands or read terminal output."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"NousResearch","product":"hermes-agent","defaultStatus":"unaffected","repo":"https://github.com/NousResearch/hermes-agent","packageURL":"pkg:npm/hermes-agent","versions":[{"version":"0","lessThan":"0.16.0","versionType":"semver","status":"affected"},{"version":"0.16.0","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T15:28:51.075482Z","id":"CVE-2026-53869","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"references":[{"url":"https://github.com/NousResearch/hermes-agent/commit/d9ec90585cf7616b5972e44cf8d92bb569fc3feb","source":"disclosure@vulncheck.com"},{"url":"https://github.com/NousResearch/hermes-agent/pull/30221","source":"disclosure@vulncheck.com"},{"url":"https://github.com/NousResearch/hermes-agent/pull/31685","source":"disclosure@vulncheck.com"},{"url":"https://github.com/NousResearch/hermes-agent/releases/tag/v2026.6.5","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/hermes-agent-dns-rebinding-bypass-via-websocket-endpoints","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-53871","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-17T19:18:11.023","lastModified":"2026-06-18T14:17:30.240","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Hermes WebUI before 0.51.368 contains an authorization bypass vulnerability in the get_profile_cookie() function that accepts unauthenticated profile names from the hermes_profile cookie. An authenticated attacker can forge the hermes_profile cookie value to bypass profile-scoped authorization checks and access sessions, files, and resources across different profiles."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"nesquena","product":"hermes-webui","defaultStatus":"unaffected","repo":"https://github.com/nesquena/hermes-webui","packageURL":"pkg:npm/hermes-webui-devtools","versions":[{"version":"0","lessThan":"0.51.368","versionType":"semver","status":"affected"},{"version":"0.51.368","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T13:50:12.561304Z","id":"CVE-2026-53871","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-565"}]}],"references":[{"url":"https://github.com/nesquena/hermes-webui/commit/9e96f5f6adf93b6d1e27ebddfb4d2833ca06ff3b","source":"disclosure@vulncheck.com"},{"url":"https://github.com/nesquena/hermes-webui/pull/4023","source":"disclosure@vulncheck.com"},{"url":"https://github.com/nesquena/hermes-webui/pull/4036","source":"disclosure@vulncheck.com"},{"url":"https://github.com/nesquena/hermes-webui/releases/tag/v0.51.368","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/hermes-webui-profile-scoped-authorization-bypass-via-forged-hermes-profile-cookie","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-12529","sourceIdentifier":"cna@vuldb.com","published":"2026-06-17T20:16:48.853","lastModified":"2026-06-18T17:16:29.647","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A security vulnerability has been detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. Affected is an unknown function of the file /index.php of the component Student Self-Registration Endpoint. The manipulation leads to improper access controls. Remote exploitation of the attack is possible."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"SourceCodester","product":"CET Automated Grading System with AI Predictive Analytics","cpes":["cpe:2.3:a:sourcecodester:cet_automated_grading_system_with_ai_predictive_analytics:*:*:*:*:*:*:*:*"],"modules":["Student Self-Registration Endpoint"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T15:30:08.798598Z","id":"CVE-2026-12529","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-266"},{"lang":"en","value":"CWE-284"}]}],"references":[{"url":"https://vuldb.com/cve/CVE-2026-12529","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/837783","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/371976","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/371976/cti","source":"cna@vuldb.com"},{"url":"https://www.sourcecodester.com/","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-48822","sourceIdentifier":"security-advisories@github.com","published":"2026-06-17T20:17:23.060","lastModified":"2026-06-18T17:16:31.583","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Shaarli is a personal bookmarking service. Versions 0.16.1 and prior contain a stored Cross-Site Scripting (XSS) vulnerability in the Markdown-to-HTML conversion process used in the Bookmark Description field. An authenticated user can inject a malicious javascript: URI inside a Markdown link. The vulnerability originates in the filterProtocols method within BookmarkMarkdownFormatter.php.This method attempts to sanitize Markdown links by filtering dangerous protocols (such as javascript:) before rendering. It uses the following regular expression: (#]\\((.*?)\\)#is). This regex is designed to detect inline Markdown links, but it fails to detect Markdown reference-style links because reference-style links are resolved by the Markdown parser after preprocessing. The filterProtocols method never inspects the actual URL used in these references and as a result, an attacker can supply a javascript: URI inside a reference definition. This issue has been fixed in version 0.16.2."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"shaarli","product":"Shaarli","versions":[{"version":"< 0.16.2","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.6,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T15:35:27.903553Z","id":"CVE-2026-48822","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://github.com/shaarli/Shaarli/releases/tag/v0.16.2","source":"security-advisories@github.com"},{"url":"https://github.com/shaarli/Shaarli/security/advisories/GHSA-2hgr-63wv-x462","source":"security-advisories@github.com"},{"url":"https://github.com/shaarli/Shaarli/security/advisories/GHSA-2hgr-63wv-x462","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-48823","sourceIdentifier":"security-advisories@github.com","published":"2026-06-17T20:17:23.210","lastModified":"2026-06-18T14:17:28.167","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Shaarli is a personal bookmarking service. Versions 0.16.1 and prior contain a stored Cross-Site Scripting (XSS) vulnerability in the tag filtering functionality of Shaarli. An authenticated user can inject arbitrary JavaScript into the tags field when creating a bookmark (Shaare). The malicious payload is stored and later executed when users interact with the \"Filter by tag\" search feature on the homepage. User-supplied input in the tags field is not properly sanitized or output-escaped before being rendered in the tag filtering interface. When a bookmark is created with a malicious payload inside the tag field, the payload is stored in the database. Later, when a user searches using the \"Filter by tag\" functionality on the homepage, the application renders matching tags dynamically. If the tag value contains HTML with JavaScript event handlers, it is injected into the DOM. This impacts anyone interacting with the \"Filter by tag\" search functionality, administrators and privileged users. This issue has been fixed in version 0.16.2."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"shaarli","product":"Shaarli","versions":[{"version":"< 0.16.2","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":0.6,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T12:56:46.297724Z","id":"CVE-2026-48823","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://github.com/shaarli/Shaarli/releases/tag/v0.16.2","source":"security-advisories@github.com"},{"url":"https://github.com/shaarli/Shaarli/security/advisories/GHSA-68qr-fvv8-6mc6","source":"security-advisories@github.com"},{"url":"https://github.com/shaarli/Shaarli/security/advisories/GHSA-68qr-fvv8-6mc6","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-10023","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T04:16:33.803","lastModified":"2026-06-18T15:23:56.087","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.0.3 via the change_order_status, add_order_note, delete_order_note, add_shipping_tracking_info, grant_access_to_download, and revoke_access_to_download AJAX handlers due to missing ownership validation on a user-controlled order ID key. This makes it possible for authenticated attackers, with custom vendor-level access and above, to modify the status of arbitrary orders, add attacker-controlled notes to any order (including customer-facing notes that trigger WooCommerce notification emails to buyers), delete any order note or WordPress comment by ID regardless of ownership, inject fake shipping tracking information on any order, and grant or revoke downloadable-product permissions on any order in the marketplace. Critically, nonce validity is not a barrier to exploitation: each of these AJAX handlers generates and embeds its nonce on the authenticated vendor's own dashboard order pages (e.g., /dashboard/orders/?order_id=OWN_ORDER_ID), which the attacker legitimately controls. The attacker harvests a valid nonce from their own order detail page and replays it against a victim order ID — the nonce only proves the request originates from a logged-in session, not that the order belongs to that vendor. This directly rebuts the prior rejection reasoning that 'users cannot generate valid nonces on command': vendor users can and do generate valid nonces on demand simply by loading their own dashboard pages. Source-code analysis confirmed the vulnerable code path is present and unpatched through version 5.0.1."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"dokaninc","product":"Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"5.0.3","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T13:22:19.284505Z","id":"CVE-2026-10023","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/getdokan/dokan/pull/3246","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/5.0.1/includes/Ajax.php#L225","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/5.0.1/includes/Ajax.php#L293","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/5.0.1/includes/Ajax.php#L378","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/5.0.1/includes/Ajax.php#L400","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/5.0.1/includes/Ajax.php#L439","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/5.0.1/includes/Ajax.php#L511","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/5.0.1/includes/Install/Installer.php#L209","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3564542%40dokan-lite&new=3564542%40dokan-lite&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/998e545c-2ad5-48ec-bad1-d346170af408?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-12407","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T04:16:34.867","lastModified":"2026-06-18T15:23:56.087","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The E2Pdf – Export Pdf Tool for WordPress plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.32.26. This is due to the screen_action() function lacking a dedicated capability check and nonce verification — when invoked via the ?action=screen routing path the controller's index_action() nonce gate is bypassed entirely — while reading an attacker-controlled option name and value from $_POST['wp_screen_options'] and passing them directly to update_option() with no allowlist, relying solely on the page-level e2pdf_templates capability which the plugin's own Permissions UI allows administrators to grant to any role including Subscriber, Contributor, Author, or Editor. This makes it possible for authenticated attackers, with a custom role that has been granted the e2pdf_templates capability, to overwrite arbitrary WordPress options such as default_role and thereby escalate their privileges to administrator."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"oleksandrz","product":"E2Pdf – Export Pdf Tool for WordPress","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.32.26","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T12:44:51.352413Z","id":"CVE-2026-12407","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/e2pdf/tags/1.32.11/classes/controller/e2pdf-templates.php#L1233","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/e2pdf/tags/1.32.11/classes/controller/e2pdf-templates.php#L1235","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/e2pdf/tags/1.32.11/classes/controller/e2pdf-templates.php#L23","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/e2pdf/tags/1.32.11/classes/helper/e2pdf-view.php#L90","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/e2pdf/tags/1.32.26/classes/controller/e2pdf-templates.php#L1233","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/e2pdf/tags/1.32.26/classes/controller/e2pdf-templates.php#L1235","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/e2pdf/tags/1.32.26/classes/controller/e2pdf-templates.php#L23","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/e2pdf/tags/1.32.26/classes/helper/e2pdf-view.php#L90","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3574750%40e2pdf&new=3574750%40e2pdf&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ee4c5d34-74cb-443b-9323-90580dbe675e?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-10029","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T06:16:55.747","lastModified":"2026-06-18T15:23:56.087","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Event Koi Lite – Events Calendar, Event Management, RSVP, and Tickets plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.13.1 via the get_events. This makes it possible for unauthenticated attackers to extract sensitive data including virtual meeting URLs, physical location data, latitude/longitude coordinates, Google Maps links, and RSVP configuration belonging to draft, pending, and private events that are otherwise inaccessible via public URLs."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"eventkoi","product":"Event Koi Lite – Events Calendar, Event Management, RSVP, and Tickets","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.3.13.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T12:34:25.691397Z","id":"CVE-2026-10029","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/eventkoi-lite/tags/1.3.0.3/includes/api/class-event.php#L151","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/eventkoi-lite/tags/1.3.0.3/includes/api/class-event.php#L40","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/eventkoi-lite/tags/1.3.0.3/includes/api/class-events.php#L39","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/eventkoi-lite/tags/1.3.0.3/includes/api/class-events.php#L49","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/eventkoi-lite/tags/1.3.0.3/includes/core/class-events.php#L270","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/eventkoi-lite/tags/1.3.12.2/includes/api/class-event.php#L151","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/eventkoi-lite/tags/1.3.12.2/includes/api/class-event.php#L40","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/eventkoi-lite/tags/1.3.12.2/includes/api/class-events.php#L39","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/eventkoi-lite/tags/1.3.12.2/includes/api/class-events.php#L49","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/eventkoi-lite/tags/1.3.12.2/includes/core/class-events.php#L270","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3561415%40eventkoi-lite&new=3561415%40eventkoi-lite&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b1be4b6c-ce48-49a2-8d2c-89c9611c8750?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-10623","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T06:16:56.427","lastModified":"2026-06-18T19:16:19.570","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The PressPrimer Quiz – AI Quiz Maker, Exam Builder & LMS Assessment Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.3.0 via the 'rule_id' parameter due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with custom-level access and above, to modify or delete quiz rules belonging to other teachers, resulting in unauthorized tampering of another user's quiz structure."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"pressprimer","product":"PressPrimer Quiz – AI Quiz Maker, Exam Builder & LMS Assessment Plugin","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2.3.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T18:18:19.190256Z","id":"CVE-2026-10623","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/PressPrimer/pressprimer-quiz/commit/1795687","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/pressprimer-quiz/tags/2.1.0/includes/api/class-ppq-rest-controller.php#L1703","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/pressprimer-quiz/tags/2.1.0/includes/api/class-ppq-rest-controller.php#L1786","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/pressprimer-quiz/tags/2.1.0/includes/api/class-ppq-rest-controller.php#L1813","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/pressprimer-quiz/tags/2.1.0/includes/api/class-ppq-rest-controller.php#L1860","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/pressprimer-quiz/tags/2.1.0/includes/api/class-ppq-rest-controller.php#L1923","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/pressprimer-quiz/tags/2.1.0/includes/api/class-ppq-rest-controller.php#L1963","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/pressprimer-quiz/tags/2.1.0/includes/api/class-ppq-rest-controller.php#L434","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/pressprimer-quiz/tags/2.2.2/includes/api/class-ppq-rest-controller.php#L1703","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/pressprimer-quiz/tags/2.2.2/includes/api/class-ppq-rest-controller.php#L1786","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/pressprimer-quiz/tags/2.2.2/includes/api/class-ppq-rest-controller.php#L1813","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/pressprimer-quiz/tags/2.2.2/includes/api/class-ppq-rest-controller.php#L1860","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/pressprimer-quiz/tags/2.2.2/includes/api/class-ppq-rest-controller.php#L1923","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/pressprimer-quiz/tags/2.2.2/includes/api/class-ppq-rest-controller.php#L1963","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/pressprimer-quiz/tags/2.2.2/includes/api/class-ppq-rest-controller.php#L434","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/150ac796-d77b-4915-8bbf-9f9b54be8eaf?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-10736","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T06:16:56.573","lastModified":"2026-06-18T17:16:27.600","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to generic SQL Injection via the 'data' parameter in all versions up to, and including, 3.9.11 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"themeum","product":"Tutor LMS – eLearning and online course solution","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"3.9.11","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T15:51:49.093996Z","id":"CVE-2026-10736","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/tutor/tags/3.9.11/classes/Input.php#L78","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/tutor/tags/3.9.11/models/WithdrawModel.php#L118","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/tutor/tags/3.9.11/models/WithdrawModel.php#L169","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/tutor/tags/3.9.11/views/pages/withdraw_requests.php#L29","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/tutor/tags/3.9.8/classes/Input.php#L78","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/tutor/tags/3.9.8/models/WithdrawModel.php#L118","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/tutor/tags/3.9.8/models/WithdrawModel.php#L169","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/tutor/tags/3.9.8/views/pages/withdraw_requests.php#L29","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset/3565513/tutor/tags/3.9.12/models/WithdrawModel.php","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1e193bb9-bb16-4a77-877b-fa0ab29a6c74?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-11357","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T06:16:56.703","lastModified":"2026-06-18T15:23:56.087","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Kadence Blocks — Page Builder Toolkit for Gutenberg Editor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.7.5 via the editor_assets_variables. This makes it possible for authenticated attackers, with contributor-level access and above, to extract the site's connected Kadence account license key, license owner email, api_key, api_email, and license domain from the browser console by inspecting window.kadence_blocks_params.proData. Exploitation requires only that an administrator has previously connected a valid Kadence license; the full credential bundle is then readable by any Contributor-level user from the block editor client context without any server-side request manipulation."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"stellarwp","product":"Kadence Blocks — Page Builder Toolkit for Gutenberg Editor","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"3.7.5","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T13:03:32.481734Z","id":"CVE-2026-11357","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.7/includes/class-kadence-blocks-editor-assets.php#L291","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.7/includes/class-kadence-blocks-editor-assets.php#L337","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.7/includes/helper-functions.php#L286","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.7.5/includes/class-kadence-blocks-editor-assets.php#L291","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.7.5/includes/class-kadence-blocks-editor-assets.php#L337","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.7.5/includes/helper-functions.php#L286","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3569191%40kadence-blocks&new=3569191%40kadence-blocks&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fa62c795-57b8-48e5-a49f-2e1f3c792c87?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-11358","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T06:16:56.833","lastModified":"2026-06-18T15:23:56.087","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"themeisle","product":"Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"3.0.6","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T13:21:22.036842Z","id":"CVE-2026-11358","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/themeisle-companion/tags/3.0.5/obfx_modules/menu-icons/init.php#L118","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/themeisle-companion/tags/3.0.5/obfx_modules/menu-icons/init.php#L296","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/themeisle-companion/tags/3.0.6/obfx_modules/menu-icons/init.php#L118","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/themeisle-companion/tags/3.0.6/obfx_modules/menu-icons/init.php#L296","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3574306%40themeisle-companion&new=3574306%40themeisle-companion&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/beb1268c-b680-4ebe-8fe2-65f656390038?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-11360","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T06:16:56.957","lastModified":"2026-06-18T15:23:56.087","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Advanced Order Export For WooCommerce plugin for WordPress is vulnerable to generic SQL Injection via the 'sort_direction' parameter in all versions up to, and including, 4.0.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with shop manager-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. The endpoint requires a valid woe_nonce and Shop Manager-level capabilities (view_woocommerce_reports or export_woocommerce_orders), and wp_magic_quotes protection is stripped via stripslashes_deep() before processing, allowing quote and backslash characters to survive intact into the SQL context."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"algolplus","product":"Advanced Order Export For WooCommerce","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"4.0.10","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T12:43:13.646233Z","id":"CVE-2026-11360","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/woo-order-export-lite/tags/4.0.7/classes/admin/tabs/ajax/trait-wc-order-export-admin-tab-abstract-ajax-export.php#L13","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/woo-order-export-lite/tags/4.0.7/classes/class-wc-order-export-admin.php#L550","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/woo-order-export-lite/tags/4.0.7/classes/core/class-wc-order-export-engine.php#L378","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/woo-order-export-lite/tags/4.0.7/classes/core/class-wc-order-export-engine.php#L531","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/woo-order-export-lite/tags/4.0.7/classes/core/class-wc-order-export-engine.php#L537","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/woo-order-export-lite/tags/4.0.7/classes/core/class-wc-order-export-engine.php#L649","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/woo-order-export-lite/tags/4.0.9/classes/admin/tabs/ajax/trait-wc-order-export-admin-tab-abstract-ajax-export.php#L13","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/woo-order-export-lite/tags/4.0.9/classes/class-wc-order-export-admin.php#L550","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/woo-order-export-lite/tags/4.0.9/classes/core/class-wc-order-export-engine.php#L378","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/woo-order-export-lite/tags/4.0.9/classes/core/class-wc-order-export-engine.php#L531","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/woo-order-export-lite/tags/4.0.9/classes/core/class-wc-order-export-engine.php#L537","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/woo-order-export-lite/tags/4.0.9/classes/core/class-wc-order-export-engine.php#L649","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3564108%40woo-order-export-lite&new=3564108%40woo-order-export-lite&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0b395777-2e2a-4dc3-9b0c-ce4c9d22d7e9?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-11402","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T06:16:57.080","lastModified":"2026-06-18T15:23:56.087","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Services Section Block – Showcase Service Details in Grid or Columns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'link' Block Attribute in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The payload persists inside HTML comments in post_content, bypassing wp_kses_post sanitization at save time, and executes via both the primary service link anchor and a secondary title-wrapped anchor when the linkIn option is set to 'title'."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"bplugins","product":"Services Section Block – Showcase Service Details in Grid or Columns","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.4.4","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T12:32:52.747943Z","id":"CVE-2026-11402","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/services-section/trunk/build/service/render.php#L2","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/services-section/trunk/build/service/view.js#L1","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3570724%40services-section&new=3570724%40services-section&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8e796458-acd4-4334-af1c-29c82f0791ac?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-11776","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T06:16:57.200","lastModified":"2026-06-18T19:16:19.730","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to generic SQL Injection via the 'groupids' parameter in all versions up to, and including, 1.15.43 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"10web","product":"Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.15.43","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T18:21:39.150284Z","id":"CVE-2026-11776","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.41/admin/controllers/Generete_csv.php#L33","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.41/form-maker.php#L873","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.41/framework/WDW_FM_Library.php#L4682","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.41/framework/WDW_FM_Library.php#L4748","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.43/admin/controllers/Generete_csv.php#L33","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.43/form-maker.php#L873","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.43/framework/WDW_FM_Library.php#L4682","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.43/framework/WDW_FM_Library.php#L4748","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3567408%40form-maker&new=3567408%40form-maker&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b7850e73-8ffd-46d4-97c6-5343486a31dc?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-11777","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T06:16:57.320","lastModified":"2026-06-18T17:16:27.813","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to generic SQL Injection via the 'name' parameter in all versions up to, and including, 1.15.43 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"10web","product":"Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.15.43","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T15:51:24.472711Z","id":"CVE-2026-11777","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.41/admin/controllers/Select_data_from_db.php#L84","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.41/admin/models/FMSelectDataFromDb.php#L88","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.41/admin/models/FMSelectDataFromDb.php#L94","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.41/form-maker.php#L911","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.43/admin/controllers/Select_data_from_db.php#L84","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.43/admin/models/FMSelectDataFromDb.php#L88","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.43/admin/models/FMSelectDataFromDb.php#L94","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.43/form-maker.php#L911","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3567408%40form-maker&new=3567408%40form-maker&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/513f407d-e90f-4fd1-82dd-c28bab9f76d0?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-11784","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T06:16:57.440","lastModified":"2026-06-18T15:23:56.087","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.6. This is due to missing or incorrect nonce validation on the replace_file function. This makes it possible for unauthenticated attackers to overwrite existing media attachments with attacker-supplied file content by supplying a forged multipart POST request targeting any attachment the victim has edit_post capability over via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. The forged request requires a victim with at least Author-level privileges, as the handler enforces a current_user_can('edit_post', $id) check; tricking an Author-level or higher user into clicking a crafted link is sufficient to trigger the overwrite against attachments that user can edit."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"optimole","product":"Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"4.2.6","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T13:02:59.036208Z","id":"CVE-2026-11784","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/optimole-wp/tags/4.2.5/inc/media_rename/attachment_edit.php#L24","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/optimole-wp/tags/4.2.5/inc/media_rename/attachment_edit.php#L331","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/optimole-wp/tags/4.2.6/inc/media_rename/attachment_edit.php#L24","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/optimole-wp/tags/4.2.6/inc/media_rename/attachment_edit.php#L331","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3574315%40optimole-wp&new=3574315%40optimole-wp&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8a90de6e-6bd5-43b6-980d-84d25d4120ad?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-12093","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T06:16:57.560","lastModified":"2026-06-18T15:23:56.087","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Simple Membership plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.7.5. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to deactivate arbitrary member accounts by forging a charge.refunded webhook event containing a victim's subscription ID, setting the target member's account_state to 'inactive' and triggering cancellation hooks, transaction-record status changes, and cancellation notification emails. This vulnerability is exploitable only on installations where no Stripe webhook signing secret has been configured, which is the default out-of-the-box state; sites that have configured the stripe-webhook-signing-secret option are routed to the properly verified HMAC path and are not affected."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"wpinsider-1","product":"Simple Membership","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"4.7.5","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T13:21:36.202720Z","id":"CVE-2026-12093","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/simple-membership/tags/4.7.3/classes/class.swpm-wp-loaded-tasks.php#L96","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/simple-membership/tags/4.7.3/ipn/swpm-stripe-webhook-handler.php#L297","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/simple-membership/tags/4.7.3/ipn/swpm-stripe-webhook-handler.php#L71","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/simple-membership/tags/4.7.3/ipn/swpm_handle_subsc_ipn.php#L381","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/simple-membership/tags/4.7.4/classes/class.swpm-wp-loaded-tasks.php#L96","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/simple-membership/tags/4.7.4/ipn/swpm-stripe-webhook-handler.php#L297","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/simple-membership/tags/4.7.4/ipn/swpm-stripe-webhook-handler.php#L71","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/simple-membership/tags/4.7.4/ipn/swpm_handle_subsc_ipn.php#L381","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3573852%40simple-membership&new=3573852%40simple-membership&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2f91a7c3-ee0e-48e9-aa5f-dfc1160bbc09?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-12120","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T06:16:57.680","lastModified":"2026-06-18T15:23:56.087","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The FireBox Popups – Increase Sales and Grow Your Email List plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.7 via the 'form_id' parameter. This makes it possible for unauthenticated attackers to extract download a full CSV export of all form submissions — including any personally identifiable information submitted by users — for any arbitrary form_id."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"fireplugins","product":"FireBox Popups – Increase Sales and Grow Your Email List","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"3.1.7","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T12:43:58.544994Z","id":"CVE-2026-12120","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/firebox/tags/3.1.6/Inc/Core/Admin/Admin.php#L156","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/firebox/tags/3.1.6/Inc/Core/Admin/Admin.php#L42","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/firebox/tags/3.1.6/Inc/Core/Plugin.php#L217","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/firebox/tags/3.1.6/Inc/Framework/init.php#L254","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/firebox/tags/3.1.7/Inc/Core/Admin/Admin.php#L156","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/firebox/tags/3.1.7/Inc/Core/Admin/Admin.php#L42","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/firebox/tags/3.1.7/Inc/Core/Plugin.php#L217","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/firebox/tags/3.1.7/Inc/Framework/init.php#L254","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3572719%40firebox&new=3572719%40firebox&sfp_email=&sfph_mail=#file38","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/54f939f9-2853-401a-adc0-5b727da5179b?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-9199","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T06:16:58.057","lastModified":"2026-06-18T15:23:56.087","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.42.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with author-level access and above, to dismiss, ignore, or restore accessibility audit issue records belonging to posts they are not permitted to edit by supplying an issue from their own post as an authorization token to affect matching issues across the entire site. An Author-level user can exploit this by passing largeBatch=true on a dismiss-issue request referencing one of their own post's issues, causing the handler to bulk-modify all site-wide accessibility issues sharing the same 'object' value — including those belonging to administrator-owned posts."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"equalizedigital","product":"Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.42.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T12:48:57.570590Z","id":"CVE-2026-9199","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/accessibility-checker/tags/1.39.0/includes/classes/class-rest-api.php#L1232","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/accessibility-checker/tags/1.39.0/includes/classes/class-rest-api.php#L1247","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/accessibility-checker/tags/1.39.0/includes/classes/class-rest-api.php#L349","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/accessibility-checker/tags/1.42.0/includes/classes/class-rest-api.php#L1232","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/accessibility-checker/tags/1.42.0/includes/classes/class-rest-api.php#L1247","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/accessibility-checker/tags/1.42.0/includes/classes/class-rest-api.php#L349","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3553926%40accessibility-checker&new=3553926%40accessibility-checker&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0e5cc0ce-3785-4240-863e-d1396db6e8ef?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-9860","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T06:16:59.063","lastModified":"2026-06-18T19:16:23.927","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Offload, AI & Optimize with Cloudflare Images plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.10.2 via the 'account-id' parameter parameter. This is due to insufficient privilege enforcement on the cf_images_do_setup AJAX handler, which requires only the upload_files capability (Author+) rather than manage_options before writing to wp-config.php, combined with the absence of single-quote escaping — sanitize_text_field() does not strip single quotes, and filter_input(INPUT_POST) bypasses wp_magic_quotes() slashing — allowing a single quote in the account-id or api-key parameter to break out of the single-quoted PHP string literal in the write_config() define() statement. This makes it possible for authenticated attackers, with author-level access and above, to execute code on the server. This is possible because the 'cf-images-nonce' nonce required by the AJAX handler is exposed to all Author-level and above users on wp-admin/upload.php via the CFImages JavaScript object, meaning any upload-capable user can satisfy the nonce check and reach the vulnerable wp-config.php write path."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"vanyukov","product":"Offload, AI & Optimize with Cloudflare Images","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.10.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T18:10:03.525339Z","id":"CVE-2026-9860","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/cf-images/tags/1.10.1/app/class-media.php#L94","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/cf-images/tags/1.10.1/app/class-settings.php#L123","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/cf-images/tags/1.10.1/app/class-settings.php#L75","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/cf-images/tags/1.10.1/app/traits/trait-ajax.php#L36","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3564001%40cf-images&new=3564001%40cf-images&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a772041e-015e-48e8-9fab-79f1fcdb265c?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-11395","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T08:16:33.013","lastModified":"2026-06-18T17:16:27.710","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The CF7 to Webhook plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.0 via the pull_the_trigger. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. Exploitation requires that the admin-configured webhook URL contains a Contact Form 7 field placeholder in the host segment of the URL, and that the affected form is publicly accessible."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"mariovalney","product":"CF7 to Webhook","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"5.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T15:52:25.322267Z","id":"CVE-2026-11395","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/cf7-to-zapier/tags/5.0.0/modules/cf7/class-module-cf7.php#L351","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/cf7-to-zapier/tags/5.0.0/modules/cf7/class-module-cf7.php#L524","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/cf7-to-zapier/tags/5.0.0/modules/zapier/class-module-zapier.php#L150","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3562661%40cf7-to-zapier&new=3562661%40cf7-to-zapier&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/caa5b9aa-e98c-48fc-9e63-0a1380465918?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-12098","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T08:16:33.140","lastModified":"2026-06-18T15:23:56.087","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The PowerPress Podcasting plugin by Blubrry plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'embed' Episode Meta Field in all versions up to, and including, 11.16.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The embed value is stored via update_post_meta() rather than through WordPress core's post content pipeline, meaning kses-on-save filtering is never applied — even for Author-role users who would otherwise lack unfiltered_html — making this path unprotected by WordPress's standard role-based XSS mitigations."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"blubrry","product":"PowerPress Podcasting plugin by Blubrry","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"11.16.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T13:02:25.321926Z","id":"CVE-2026-12098","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/powerpress/tags/11.16.4/powerpress.php#L420","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/powerpress/tags/11.16.4/powerpress.php#L659","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/powerpress/tags/11.16.4/powerpressadmin.php#L2984","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/powerpress/tags/11.16.8/powerpress.php#L420","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/powerpress/tags/11.16.8/powerpress.php#L659","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/powerpress/tags/11.16.8/powerpressadmin.php#L2984","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3575897%40powerpress&new=3575897%40powerpress&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7a74e4fb-15a9-4fc9-afa6-396b0f026615?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-12102","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T08:16:33.257","lastModified":"2026-06-18T15:23:56.087","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.63 via the 'user_id' parameter due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with editor-level access and above, to reset and permanently delete the avatar or banner image of any arbitrary user, including administrators, by clearing their avatar_thumb or banner_thumb metadata in the uwp_usermeta table."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"stiofansisland","product":"UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.2.63","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N","baseScore":2.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T13:21:07.179981Z","id":"CVE-2026-12102","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/AyeCode/userswp/commit/0e69f967578904cc26fadd0206270d50b7420298","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/userswp/tags/1.2.61/includes/class-forms.php#L371","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/userswp/tags/1.2.61/includes/class-forms.php#L389","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/userswp/tags/1.2.61/includes/class-forms.php#L89","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/userswp/tags/1.2.61/includes/class-profile.php#L1739","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/userswp/tags/1.2.61/includes/class-userswp.php#L574","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/userswp/tags/1.2.63/includes/class-forms.php#L371","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/userswp/tags/1.2.63/includes/class-forms.php#L389","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/userswp/tags/1.2.63/includes/class-forms.php#L89","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/userswp/tags/1.2.63/includes/class-profile.php#L1739","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/userswp/tags/1.2.63/includes/class-userswp.php#L574","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7115756e-69fa-42fe-bde3-a36e34d4bae3?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-12111","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T08:16:33.377","lastModified":"2026-06-18T15:23:56.087","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Appointment Booking Calendar plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.4.01. This is due to insufficient authorization and missing per-calendar ownership checks in the cpabc_appointments_calendar_load2() function, which is reachable via the cpabc_calendar_load2=1 query parameter in wp-admin and only checks is_admin() && current_user_can('edit_posts'), a capability available to Contributor-level users and above. This makes it possible for authenticated attackers with Contributor-level access and above to supply an arbitrary calendar ID via the id parameter and extract customer booking information, including email addresses, names, phone numbers, booking times, and comments, from any calendar managed by the plugin."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"codepeople","product":"Appointment Booking Calendar","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.4.01","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T12:42:03.307153Z","id":"CVE-2026-12111","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/appointment-booking-calendar/tags/1.3.99/cpabc_appointments.php#L142","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/appointment-booking-calendar/tags/1.3.99/inc/cpabc_apps_go.inc.php#L1018","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/appointment-booking-calendar/tags/1.3.99/inc/cpabc_apps_go.inc.php#L1019","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/appointment-booking-calendar/tags/1.3.99/inc/cpabc_apps_go.inc.php#L945","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/appointment-booking-calendar/trunk/cpabc_appointments.php#L142","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/appointment-booking-calendar/trunk/inc/cpabc_apps_go.inc.php#L1018","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/appointment-booking-calendar/trunk/inc/cpabc_apps_go.inc.php#L1019","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/appointment-booking-calendar/trunk/inc/cpabc_apps_go.inc.php#L945","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3570448%40appointment-booking-calendar&new=3570448%40appointment-booking-calendar&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e1ecc237-87b0-4c4d-94cc-d3af9c6669c5?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-12136","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T08:16:33.490","lastModified":"2026-06-18T15:23:56.087","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Customize My Account For Woocommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sysbasics_user_avatar' shortcode in versions up to, and including, 4.3.6. This is due to insufficient input sanitization and output escaping on user supplied attributes (min_height, min_width, max_height, max_width) in the wcmamtx_get_avatar_default() function, which are concatenated unescaped into the get_avatar() extra_attr style attribute. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"phppoet","product":"SysBasics Customize My Account for WooCommerce – Dashboard, Endpoints, Avatar & Menu Manager","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"4.3.6","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T12:31:10.891035Z","id":"CVE-2026-12136","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/customize-my-account-for-woocommerce/tags/4.3.6/include/sysbasics-avatar-upload.php#L524","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/customize-my-account-for-woocommerce/tags/4.3.6/include/sysbasics-avatar-upload.php#L573","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/customize-my-account-for-woocommerce/tags/4.3.6/include/wcmamtx_extra_functions.php#L163","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3571110%40customize-my-account-for-woocommerce&new=3571110%40customize-my-account-for-woocommerce&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/44d041ca-caa6-410d-b2d1-7a63208cc512?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-12137","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T08:16:33.610","lastModified":"2026-06-18T19:16:19.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The SysBasics Customize My Account for WooCommerce – Dashboard, Endpoints, Avatar & Menu Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 4.3.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. Because the vulnerable plugin_options_page() function is only rendered within the WordPress admin dashboard, successful exploitation requires the targeted victim to be logged in with Shop Manager-level access or higher."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"phppoet","product":"SysBasics Customize My Account for WooCommerce – Dashboard, Endpoints, Avatar & Menu Manager","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"4.3.6","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T18:13:32.186408Z","id":"CVE-2026-12137","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/customize-my-account-for-woocommerce/tags/4.3.6/include/admin/admin_settings.php#L622","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/customize-my-account-for-woocommerce/tags/4.3.6/include/admin/admin_settings.php#L702","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3571110%40customize-my-account-for-woocommerce&new=3571110%40customize-my-account-for-woocommerce&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/74c1bc1d-27f1-4953-8ebd-9396fce0f834?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-2021","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T13:25:33.917","lastModified":"2026-06-18T17:16:29.900","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Slideshow Gallery LITE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'alwaysauto' shortcode attribute in all versions up to, and including, 1.8.5. This is due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"contrid","product":"Slideshow Gallery LITE","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.8.5","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T15:53:39.270656Z","id":"CVE-2026-2021","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/slideshow-gallery/tags/1.8.5/slideshow-gallery.php#L558","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/slideshow-gallery/tags/1.8.5/views/default/gallery.php#L192","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/slideshow-gallery/trunk/slideshow-gallery.php#L558","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/slideshow-gallery/trunk/views/default/gallery.php#L192","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3567787%40slideshow-gallery&new=3567787%40slideshow-gallery&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/55d842fc-a750-4b59-a1d6-b3bd427dfe79?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-8039","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T13:25:44.517","lastModified":"2026-06-18T15:23:56.087","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Fancy Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'author' shortcode attribute in the 'testimonial' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"dijitul","product":"Fancy Testimonials","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T13:01:53.099731Z","id":"CVE-2026-8039","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/fancy-testimonials/tags/1.0/testimonials.php#L33","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/fancy-testimonials/trunk/testimonials.php#L33","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cf7adeb3-4c6b-4181-af07-0acb1fc8cdb0?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-54219","sourceIdentifier":"cvd@cert.pl","published":"2026-06-18T14:17:30.380","lastModified":"2026-06-18T18:05:54.947","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"UBB.threads is vulnerable to Stored XSS via user posts and user profile fields. The application fails to properly sanitize user input, allowing low privileged attackers to inject arbitrary JavaScript that executes in a victim's browser upon viewing.\n\nBecause vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 7.7.5 but may also affect other versions."}],"affected":[{"source":"cvd@cert.pl","affectedData":[{"vendor":"UBB Systems","product":"UBB.threads","defaultStatus":"unknown","versions":[{"version":"0","lessThanOrEqual":"7.7.5","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cvd@cert.pl","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T13:31:38.865613Z","id":"CVE-2026-54219","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cvd@cert.pl","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://cert.pl/en/posts/2026/06/CVE-2026-54219","source":"cvd@cert.pl"},{"url":"https://www.ubbcentral.com/","source":"cvd@cert.pl"}]}},{"cve":{"id":"CVE-2026-54220","sourceIdentifier":"cvd@cert.pl","published":"2026-06-18T14:17:30.530","lastModified":"2026-06-18T18:05:54.947","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"uBB.threads is vulnerable to a Cross-Site Request Forgery (CSRF) due to a lack of protective mechanisms. This allows an attacker to trick an authenticated user into executing unintended actions.\n\nBecause vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 7.7.5 but may also affect other versions."}],"affected":[{"source":"cvd@cert.pl","affectedData":[{"vendor":"UBB Systems","product":"UBB.threads","defaultStatus":"unknown","versions":[{"version":"0","lessThanOrEqual":"7.7.5","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cvd@cert.pl","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T13:30:24.564433Z","id":"CVE-2026-54220","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cvd@cert.pl","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"references":[{"url":"https://cert.pl/en/posts/2026/06/CVE-2026-54219","source":"cvd@cert.pl"},{"url":"https://www.ubbcentral.com/","source":"cvd@cert.pl"}]}},{"cve":{"id":"CVE-2026-54221","sourceIdentifier":"cvd@cert.pl","published":"2026-06-18T14:17:30.663","lastModified":"2026-06-18T18:05:54.947","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"UBB.threads is vulnerable to Reflected XSS. The application improperly handles user input in certain requests, enabling attackers to execute arbitrary JavaScript in the context of a victim's browser by tricking them into clicking a crafted link. \nBecause vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 7.7.5 but may also affect other versions."}],"affected":[{"source":"cvd@cert.pl","affectedData":[{"vendor":"UBB Systems","product":"UBB.threads","defaultStatus":"unknown","versions":[{"version":"0","lessThanOrEqual":"7.7.5","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cvd@cert.pl","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T13:25:40.778408Z","id":"CVE-2026-54221","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cvd@cert.pl","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://cert.pl/en/posts/2026/06/CVE-2026-54219","source":"cvd@cert.pl"},{"url":"https://www.ubbcentral.com/","source":"cvd@cert.pl"}]}},{"cve":{"id":"CVE-2026-54222","sourceIdentifier":"cvd@cert.pl","published":"2026-06-18T14:17:30.793","lastModified":"2026-06-18T18:05:54.947","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"UBB.threads is vulnerable to Blind SQL Injection, allowing attackers with access to the Members in Control Panel to interact with the underlying database. Due to insufficient input sanitization, an attacker can extract sensitive information, such as user credentials, by manipulating SQL queries through time-based or boolean-based techniques. \nBecause vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 7.7.5 but may also affect other versions."}],"affected":[{"source":"cvd@cert.pl","affectedData":[{"vendor":"UBB Systems","product":"UBB.threads","defaultStatus":"unknown","versions":[{"version":"0","lessThanOrEqual":"7.7.5","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cvd@cert.pl","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T13:11:48.653567Z","id":"CVE-2026-54222","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cvd@cert.pl","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://cert.pl/en/posts/2026/06/CVE-2026-54219","source":"cvd@cert.pl"},{"url":"https://www.ubbcentral.com/","source":"cvd@cert.pl"}]}},{"cve":{"id":"CVE-2026-54223","sourceIdentifier":"cvd@cert.pl","published":"2026-06-18T14:17:30.920","lastModified":"2026-06-18T18:05:54.947","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"UBB.threads is vulnerable to Path traversal, allowing attackers with privilege to edit templates to read and write any file on the application’s server that application has privileges to, what results in Remote Code Execution. \nBecause vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 7.7.5 but may also affect other versions."}],"affected":[{"source":"cvd@cert.pl","affectedData":[{"vendor":"UBB Systems","product":"UBB.threads","defaultStatus":"unknown","versions":[{"version":"0","lessThanOrEqual":"7.7.5","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cvd@cert.pl","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"LOW","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T13:10:37.120400Z","id":"CVE-2026-54223","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cvd@cert.pl","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://cert.pl/en/posts/2026/06/CVE-2026-54219","source":"cvd@cert.pl"},{"url":"https://www.ubbcentral.com/","source":"cvd@cert.pl"}]}},{"cve":{"id":"CVE-2026-54224","sourceIdentifier":"cvd@cert.pl","published":"2026-06-18T14:17:31.050","lastModified":"2026-06-18T18:05:54.947","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"UBB.threads is vulnerable to Denial of Service (DoS). By sending multiple concurrent requests to view any user profile on instances with many registered users, an authenticated attacker can easily exhaust database resources and completely deny access to the application for other users.\nBecause vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 7.7.5 but may also affect other versions."}],"affected":[{"source":"cvd@cert.pl","affectedData":[{"vendor":"UBB Systems","product":"UBB.threads","defaultStatus":"unknown","versions":[{"version":"0","lessThanOrEqual":"7.7.5","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cvd@cert.pl","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T13:09:32.994554Z","id":"CVE-2026-54224","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cvd@cert.pl","type":"Primary","description":[{"lang":"en","value":"CWE-405"}]}],"references":[{"url":"https://cert.pl/en/posts/2026/06/CVE-2026-54219","source":"cvd@cert.pl"},{"url":"https://www.ubbcentral.com/","source":"cvd@cert.pl"}]}},{"cve":{"id":"CVE-2026-56007","sourceIdentifier":"audit@patchstack.com","published":"2026-06-18T14:17:34.737","lastModified":"2026-06-18T17:16:35.040","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OceanWP Ocean Product Sharing allows Stored XSS.\n\nThis issue affects Ocean Product Sharing: from n/a through 2.2.2."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"OceanWP","product":"Ocean Product Sharing","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"ocean-product-sharing","versions":[{"version":"n/a","lessThanOrEqual":"2.2.2","versionType":"custom","status":"affected","changes":[{"at":"2.2.3","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.7,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T15:54:09.585200Z","id":"CVE-2026-56007","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/ocean-product-sharing/vulnerability/wordpress-ocean-product-sharing-plugin-2-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-56009","sourceIdentifier":"audit@patchstack.com","published":"2026-06-18T14:17:34.877","lastModified":"2026-06-18T15:23:56.087","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bricksable for Bricks Builder allows Stored XSS.\n\nThis issue affects Bricksable for Bricks Builder: from n/a through 1.6.83."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Bricksable","product":"Bricksable for Bricks Builder","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"bricksable","versions":[{"version":"n/a","lessThanOrEqual":"1.6.83","versionType":"custom","status":"affected","changes":[{"at":"1.6.84","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.7,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T12:57:12.147870Z","id":"CVE-2026-56009","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/bricksable/vulnerability/wordpress-bricksable-for-bricks-builder-plugin-1-6-83-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-56012","sourceIdentifier":"audit@patchstack.com","published":"2026-06-18T14:17:35.007","lastModified":"2026-06-18T17:16:35.140","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David Lingren Media LIbrary Assistant allows Blind SQL Injection.\n\nThis issue affects Media LIbrary Assistant: from n/a through 3.35."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"David Lingren","product":"Media LIbrary Assistant","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"media-library-assistant","versions":[{"version":"n/a","lessThanOrEqual":"3.35","versionType":"custom","status":"affected","changes":[{"at":"3.36","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.1,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T15:21:53.451060Z","id":"CVE-2026-56012","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/media-library-assistant/vulnerability/wordpress-media-library-assistant-plugin-3-35-sql-injection-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2025-32392","sourceIdentifier":"security-advisories@github.com","published":"2026-06-18T17:16:26.407","lastModified":"2026-06-18T18:16:17.567","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, AutoGPT's LoopVideoBLock allows users to input a video file and process the video, such as looping it 5 times or extending the time, and finally writing it to disk. However, there is no limit on the resources that can be allocated during execution. For example, the number of loops is user-controllable and unlimited. When a malicious attacker loops too many times, the generated video is too large, and after writing it to disk, the disk space is exhausted, eventually causing DoS. Version 0.6.63 patches the issue."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"Significant-Gravitas","product":"AutoGPT","versions":[{"version":"< 0.6.63","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T17:33:59.901343Z","id":"CVE-2025-32392","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"references":[{"url":"https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-267x-8jx3-gg6w","source":"security-advisories@github.com"},{"url":"https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-267x-8jx3-gg6w","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2025-32422","sourceIdentifier":"security-advisories@github.com","published":"2026-06-18T17:16:26.547","lastModified":"2026-06-18T20:16:11.720","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, `StepThroughItemsBlock` can iterate all the contents in a list and send them to `FileStoreBlock` for downloading one by one. Although `FileStoreBlock` has access time limits for downloading files, `StepThroughItemsBlock` can be used to slowly iterate and download relatively small files (e.g., 100M) multiple times. `StepThroughItemsBlock` does not limit the number of loops. In addition, `FileStoreBlock` does not limit the amount of disk space consumed in the current working directory. When a malicious user chooses to download too many videos, the disk space will eventually run out, causing a DoS. Version 0.6.63 patches the issue."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"Significant-Gravitas","product":"AutoGPT","versions":[{"version":"< 0.6.63","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T18:52:44.951623Z","id":"CVE-2025-32422","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"references":[{"url":"https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-9fr4-9jj9-mhh6","source":"security-advisories@github.com"},{"url":"https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-9fr4-9jj9-mhh6","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2025-32424","sourceIdentifier":"security-advisories@github.com","published":"2026-06-18T17:16:26.667","lastModified":"2026-06-18T20:16:12.707","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, ScreenshotWebPageBlock will store the captured screenshots in a temporary directory. `StepThroughItemsBlock` can be used to iterate `ScreenshotWebPageBlock` multiple times. `StepThroughItemsBlock` does not limit the number of loops. In addition, `ScreenshotWebPageBlock` does not limit the amount of disk space consumed in the current working directory. When a malicious user chooses to screen shot many web pages, the disk space will eventually run out, causing a DoS. Version 0.6.63 patches the issue."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"Significant-Gravitas","product":"AutoGPT","versions":[{"version":"< 0.6.63","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T18:38:32.999925Z","id":"CVE-2025-32424","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"references":[{"url":"https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-7g34-7fvq-xxq6","source":"security-advisories@github.com"},{"url":"https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-7g34-7fvq-xxq6","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2025-32437","sourceIdentifier":"security-advisories@github.com","published":"2026-06-18T17:16:26.923","lastModified":"2026-06-18T18:16:18.637","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, `MediaDurationBlock` will download and store the video in a temporary directory without deleting before all noded are done. `StepThroughItemsBlock` can be used to iterate `MediaDurationBlock` multiple times. `StepThroughItemsBlock` does not limit the number of loops. In addition, `MediaDurationBlock ` does not limit the amount of disk space consumed in the current working directory and does not delete the video after outputing the result. When a malicious user chooses to screen shot many web pages, the disk space will eventually run out, causing a DoS. Version 0.6.63 patches the issue."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"Significant-Gravitas","product":"AutoGPT","versions":[{"version":"< 0.6.63","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T17:32:11.890361Z","id":"CVE-2025-32437","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"references":[{"url":"https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-rg6v-m9x9-7wf9","source":"security-advisories@github.com"},{"url":"https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-rg6v-m9x9-7wf9","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-10687","sourceIdentifier":"vulnerabilities@zephyrproject.org","published":"2026-06-18T17:16:27.523","lastModified":"2026-06-18T17:16:27.523","vulnStatus":"Rejected","cveTags":[],"descriptions":[{"lang":"en","value":"Rejected reason: This CVE Record has been rejected by the Zephyr Project CNA. Subsequent analysis, confirmed with the fix author, determined that the addressed defect does not apply to any released version of Zephyr: the affected code path exists only in unreleased development code, and no released branch is affected. As no released version is affected, this identifier is withdrawn."}],"metrics":{},"references":[]}},{"cve":{"id":"CVE-2026-55237","sourceIdentifier":"security-advisories@github.com","published":"2026-06-18T17:16:34.900","lastModified":"2026-06-18T18:16:20.293","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions prior to 0.6.62 have a DOM-based Cross-Site Scripting (XSS) vulnerability in AutoGPT's signup page. The application improperly trusts a URL parameter (`next`), which is passed to `router.push`. An attacker can craft a malicious link that, when opened by an authenticated user, performs a client-side redirect and executes arbitrary JavaScript in the context of their browser. This could lead to credential theft, internal network pivoting, and unauthorized actions performed on behalf of the victim. Version 0.6.62 patches the issue."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"Significant-Gravitas","product":"AutoGPT","versions":[{"version":"< 0.6.62","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":5.3}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T17:29:06.409362Z","id":"CVE-2026-55237","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-87"},{"lang":"en","value":"CWE-601"}]}],"references":[{"url":"https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-j2cp-jg5q-38wj","source":"security-advisories@github.com"},{"url":"https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-j2cp-jg5q-38wj","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-12475","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T18:16:18.973","lastModified":"2026-06-18T18:16:18.973","vulnStatus":"Rejected","cveTags":[],"descriptions":[{"lang":"en","value":"Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage."}],"metrics":{},"references":[]}},{"cve":{"id":"CVE-2026-2842","sourceIdentifier":"security@wordfence.com","published":"2026-06-18T20:16:13.063","lastModified":"2026-06-18T20:16:13.063","vulnStatus":"Rejected","cveTags":[],"descriptions":[{"lang":"en","value":"Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage."}],"metrics":{},"references":[]}},{"cve":{"id":"CVE-2026-10746","sourceIdentifier":"cve@gitlab.com","published":"2026-06-18T23:16:17.800","lastModified":"2026-06-18T23:16:17.800","vulnStatus":"Rejected","cveTags":[],"descriptions":[{"lang":"en","value":"Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."}],"metrics":{},"references":[]}},{"cve":{"id":"CVE-2026-6716","sourceIdentifier":"cve@gitlab.com","published":"2026-06-18T23:16:19.887","lastModified":"2026-06-18T23:16:19.887","vulnStatus":"Rejected","cveTags":[],"descriptions":[{"lang":"en","value":"Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."}],"metrics":{},"references":[]}}]}